ARCSIGHT SIEM EXPERT (CBB) - Inside IR35
DESCRIPTION
We are a cyber security services and platform company whose mission is to help our customers react faster and smarter, and stay ahead of security threats, by creating secure digital ecosystems. We automate processes to detect and prioritize threats early and respond rapidly and decisively. We are trusted by some of the world's largest enterprises to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services. We are seeking a skilled and experienced ArcSight Engineer to join our onboarding team.
RESPONSIBILITIES
- Understand ArcSight components in depth
- Understand customer requirements and recommend best practices for SIEM solutions
- Offer consultative advice regarding security principles and best practices related to SIEM operations
- Develop new SIEM rules, correlations, and dashboards to meet customer needs
- Design and document the requirements for a SIEM solution that meets customer needs
- Track and document open tasks
- Deploy and configure SIEM components, and tune, customize, and maintain these components
- Provide guidance in configuring end log sources (in-scope) to be logged to the SIEM
- Verify and investigate data log sources
REQUIREMENTS
- Experience with ArcSight, specifically with regard to creating rules, data models, reports and dashboards
- Degree in Information Security (or equivalent work experience)
- Minimum 4 years of experience in a similar role
- SIEM Vendor Certification of Administrator (preferred, but not required)
- Experience and proficiency in UNIX/Linux and/or regular expressions
- The following certifications are considered to be an advantage: CISSP, CISM, CompTIA Security+, CEH, GSEC