This job ad has been posted over 30 days ago...
0
applicants
ESM ArcSight Content Engineer
at Elite Technical Services, Inc. in Springfield, VA
Required Skills
• TS/SCI Government Clearance is required
•Minimum 5-8 years in IT and Information Security Engineering
•In-depth experience in using ArcSight Security Information and Event Management products, to include ArcSight Connectors, Logger, Event Security Manager (ESM), and/or Threat Response Manager (TRM).
•Hands-on ArcSight developing and managing use cases and content (Dashboards, Active Channels, Reports, Rules, Filters, Trends, Active Lists, etc)
•Demonstrated ability to use problem solving techniques such as root cause analysis to resolve issues
•Must be able to support data collection from a large, complex server and network infrastructure and user base
•Must possess a strong work ethic, be self-directed, and be a detail-oriented professional
•Must be willing to learn and adapt to new, cutting edge technologies
•Must be willing to document work and participate in change procedures
•Must possess excellent time management skills and the drive to work unsupervised
•Must be a team player; willing to both share knowledge and learn from others to ensure the team's success
Desired Skills:
DoD 8570.1 Compliant Information Security Certification(s), such as CISSP, ISSEP, GSEC, GCIA, GSLC, Security+ strongly desired
Direct experience performing security engineering/system integration on NGA systems
Strong background in Unix, Solaris, Linux, or Windows servers
Scripting skills
Education Requirement:
Bachelors Degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience. Masters Degree preferred.
Job Description
Elite Technical is a technology integration and managed service provider. We have a current opening in Springfield, VA for a ESM ArcSight Content Engineer to support our client within a Federal Agency.
•Developing content for a complex and growing ArcSight infrastructure. This includes use cases for Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists
•Provide optimization of data flow using aggregation, filters, etc. Develop custom Flex Connector as required to meet use case objectives.
•Participate in the operation of ArcSight Security Information and Event Management systems to include ArcSight ESM, Oracle, Connector appliances/SmartConnectors, Logger appliances, Windows and Linux servers, network devices and backups
•Life-cycle management of the ArcSight platforms to including coordination and planning of upgrades, new deployments, and maintaining current operational data flows
•Apply Configuration Management disciplines to maintain hardware/software revisions, ArcSight content, security patches, hardening, and documentation
•Provide guidance to security analyst and network engineering staff
•Working Closely with C&A Team to maintain Security requirements for Operation of ArcSight systems
•Support all aspects of Security Information and Event Management initiative.
•Supporting the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses.
•Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities
•Responding to day-to-day security requests relating to ArcSight operations.
•Tunes ArcSight performance and event data quality to maximized ArcSight system efficiency.
•Assists with analyst using ArcSight and other tools to detect and respond to IT security incidents.
•Perform routine equipment checks and preventative maintenance
•Performing systems hardening to DoD Standards
•Maintaining up to date documentation of designs/configurations
•Create shell and perl scripts to facilitate automated tasks
•Work with other Service Providers to support areas of common interest
•Working with software and hardware vendors
•On-call support may be required
• TS/SCI Government Clearance is required
•Minimum 5-8 years in IT and Information Security Engineering
•In-depth experience in using ArcSight Security Information and Event Management products, to include ArcSight Connectors, Logger, Event Security Manager (ESM), and/or Threat Response Manager (TRM).
•Hands-on ArcSight developing and managing use cases and content (Dashboards, Active Channels, Reports, Rules, Filters, Trends, Active Lists, etc)
•Demonstrated ability to use problem solving techniques such as root cause analysis to resolve issues
•Must be able to support data collection from a large, complex server and network infrastructure and user base
•Must possess a strong work ethic, be self-directed, and be a detail-oriented professional
•Must be willing to learn and adapt to new, cutting edge technologies
•Must be willing to document work and participate in change procedures
•Must possess excellent time management skills and the drive to work unsupervised
•Must be a team player; willing to both share knowledge and learn from others to ensure the team's success
Desired Skills:
DoD 8570.1 Compliant Information Security Certification(s), such as CISSP, ISSEP, GSEC, GCIA, GSLC, Security+ strongly desired
Direct experience performing security engineering/system integration on NGA systems
Strong background in Unix, Solaris, Linux, or Windows servers
Scripting skills
Education Requirement:
Bachelors Degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience. Masters Degree preferred.
Job Description
Elite Technical is a technology integration and managed service provider. We have a current opening in Springfield, VA for a ESM ArcSight Content Engineer to support our client within a Federal Agency.
•Developing content for a complex and growing ArcSight infrastructure. This includes use cases for Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists
•Provide optimization of data flow using aggregation, filters, etc. Develop custom Flex Connector as required to meet use case objectives.
•Participate in the operation of ArcSight Security Information and Event Management systems to include ArcSight ESM, Oracle, Connector appliances/SmartConnectors, Logger appliances, Windows and Linux servers, network devices and backups
•Life-cycle management of the ArcSight platforms to including coordination and planning of upgrades, new deployments, and maintaining current operational data flows
•Apply Configuration Management disciplines to maintain hardware/software revisions, ArcSight content, security patches, hardening, and documentation
•Provide guidance to security analyst and network engineering staff
•Working Closely with C&A Team to maintain Security requirements for Operation of ArcSight systems
•Support all aspects of Security Information and Event Management initiative.
•Supporting the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses.
•Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities
•Responding to day-to-day security requests relating to ArcSight operations.
•Tunes ArcSight performance and event data quality to maximized ArcSight system efficiency.
•Assists with analyst using ArcSight and other tools to detect and respond to IT security incidents.
•Perform routine equipment checks and preventative maintenance
•Performing systems hardening to DoD Standards
•Maintaining up to date documentation of designs/configurations
•Create shell and perl scripts to facilitate automated tasks
•Work with other Service Providers to support areas of common interest
•Working with software and hardware vendors
•On-call support may be required
Recent jobs at Elite Technical Services, Inc.
Data Center Virtualization Engineer at Elite Technical Services, Inc. in Dallas / Ft. Worth, TX
01-20-2012
Cisco Network / Voice Engineer at Elite Technical Services, Inc. in Dallas / Ft. Worth, TX
01-20-2012
Frontline Engineer - Cyber at Elite Technical Services, Inc. in Annapolis Junction, MD
01-20-2012
System Engineer at Elite Technical Services, Inc. in Annapolis Junction, MD
01-20-2012
Software Engineer -CP at Elite Technical Services, Inc. in Annapolis Junction, MD
01-20-2012
Published at 01-20-2012
Viewed: 36 times
Viewed: 36 times