ArcSight Security Engineer

Company Description

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. 

Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance.

Job Description

Title: ArcSight Security Engineer

Duration: 6 months (Possibility to Hire)

Location: Fort Knox, KY

Description:

• Assist the customer and required to provide technical leadership on major tasks or technology assignments. 

• The ideal candidate will have a wide range of technical knowledge in Applicant should posses an in -depth understanding of ArcSight ESM, and be able to perform the functions of a Senior Analyst, Advanced Content Author, and Security Solutions Architect. 

• Applicant should be able to provide a practical solutions-based approach for design and implementation of a complete enterprise SIEM deployment, and understand methodologies, terms, concepts, and best practices within the context of the HP ArcSight product line.

Duties & Responsibilities:

• Assist in the Information Assurance Office activities to support with the installation, configuration, troubleshooting, customization and optimization of the ArcSight product suite and its dependencies. 

• This position requires strong knowledge in network security operations and familiarity with a variety of endpoint security products. 

• The candidate will develop ArcSight specific content including reports, filters, trends and dashboard content. The candidate must be experienced with ArcSight in order to provide optimization, tuning, and flex agent development. The successful candidate should be very experienced in IT networks, security systems design, and deployment and troubleshooting.

• Duties will include the ability to lead the installation, configuration, optimization and customization of ArcSight software and appliances. 

• Required to translate customer requirements into use cases, design and implement as ArcSight content. The ability to perform system administration for ArcSight components and create customized dashboards for ArcSight ESM and Logger to elevate high threat items to incident responders. DOD 8570 CNDSP Infrastructure certification is desired.

Qualifications

• Expert level knowledge in defining an organization’s ArcSight ESM Network Model

• Extensive experience implementing the ArcSight suite of software and appliances in an Enterprise Environment

• Experience developing ArcSight FlexConnectors

• Proficient in Unix scripting

• Ability to develop an ArcSight training program to be used to train our Systems Administrators, Network Administrators, Security Engineers, and Security Analysts in the efficient use of the ArcSight Suite

• A Bachelor’s degree from an accredited institution or equivalent in Computer Science, Information Systems, Engineering, or related technical discipline is required.

• Significant experience may substitute for minimum educational requirements.

• Must possess at least 8 years of hands on technical experience with a minimum of 5 year of experience in ArcSight ESM.

• Ability to Create Advanced ESM content for Security Use Cases in order to find, track and remediate security incidents, including: Using variables and correlation activities, Customizing report templates to use dynamic content and Customizing notification templates to send the appropriate notification based upon specific attributes of an event

Required Qualifications:

• ArcSight Certified Analyst (ACSA) and or ArcSight Certified Integrator Administrator (ACIA)

• Familiarity with network defense technologies including IDS/IPS, Firewalls, VPN

• Determine appropriate Logger/ESM architecture to address specific log management requirements

• Integrate Logger/ESM in peering and hierarchical deployments

• Optimize ArcSight SmartConnector configurations for a Logger/ESM integrated environment

• Identify types of criteria used to define system requirements

• Present a thorough compilation of the various architectures and the pros and cons of each

• Identify integration capabilities and best practices for each product

• Identify data sources and ESM resources required to fulfill the objectives of the use case

• Present multiple real-world scenarios that will be the basis of a complete implementation exercise

• Must possess a CompTIA Security+ certification (baseline certification - day 1 requirement)

• Minimum Certification as a DoD 8570 IAM II, must possess or able to obtain from hire date, within 6 months IAT Level II certification related to Release Management field

• Must hold an active Department of Defense Security Clearance (interim Secret minimum – day 1 requirement).

• Knowledge of DoD directives 8500.2, 8530.2, CJCSI 6510, and DISA STIGS- specifically requirements pertaining to the access and retention of network device logs.

• Strong customer service, organizational skills, knowledge of applicable DoD/Government policies and procedures.

• Demonstrated exceptional ability to troubleshoot complex systems required.

• Solid understanding of industry standard availability and security practices required.

Additional Information

To discuss on this, please contact:

Himanshu Prajapat

Call on: 973-606-3290

himanshu.prajapat(at)collabera.com