ArcSight Engineer

Remote: N
Location: Colorado Springs, CO & Huntsville, AL
Clearance: Secret
Salary: $160,000 – $187,000/yr

 

We are seeking a Micro Focus (formerly Hewlett Packard) ArcSight Engineer who has a strong Linux Administration background to be responsible for configuration, implementation, testing, and performance enhancements for ArcSight appliances (loggers, smart connectors, forwarders, ArcMCs, and ESM). The candidate should have some experience in Computer Network Defense (CND), some architectural design experience, and hands-on experience with ArcSight.

Qualifications:

  • Must be a US Citizen
  • Required Education: Bachelor’s degree
  • Must have an active DoD SECRET clearance and be able to obtain a TS/SCI clearance
  • Must have 3+ years of ArcSight ESM software (implementation & maintenance)
  • Must have 5+ years of Network Security experience
  • Must have 3+ years of Linux Administration experience (including the command line interface)
  • Experience developing solutions to enhance availability, performance, maintenance, and security of the enterprise systems
  • Strong SQL experience
  • Experience with REGEX scripting
  • Ability to perform custom parsing
  • Scripting experience (bash preferred)
  • Networking background (familiarity with common ports/protocols, firewalls/proxy)
  • Excellent written and verbal communication

Responsibilities:

  • Perform as the subject matter expert on ArcSight ESM software and industry best practices around Security Operations for the customer
  • Provide consulting advice to customer senior Information Technology (IT) leadership and set strategic direction for customers based on HP/ArcSight’s solutions and products.
  • Responsible for the configuration, implementation, testing, and performance enhancements for ArcSight appliances 7.x (loggers, smart connectors, forwarders, ArcMCs, ESM including filter & channel configuration)
  • Use ArcSight Enterprise Security Manager (ESM) in the daily operational work and workflow of the end customer
  • Administer ArcSight ESM software platform at the customer site
  • Advise customers on best practices and use cases on how to use ArcSight to achieve customer end state requirements
  • Demonstrate the ability to develop solutions that can be used at multiple customer sites to enhance the availability, performance, maintainability and security of their enterprise systems.
  • Proactively encourage and lead technically significant work on enterprise scale projects
  • Responsible for providing detailed technical expertise for enterprise security solutions.
  • Mentor other engineers on the team when needed
  • Provide the technical direction required to resolve complex issues to ensure the on-time delivery of solutions that meet customer expectations. May need to develop new methods to apply to situations.
  • Provide advanced technical consulting and advice to proposal efforts and solution design.
  • Create, maintain, and implement detailed documentation and standard operating procedures.
  • Perform troubleshooting of ArcSight components and applications when security events are not getting collected or collection reaches storage capacity.
  • Maintain the latest ArcSight configuration to address known exploits and collect required security events.
  • Develop automated reporting dashboards within the existing ESM system to provide near real-time reporting of computer system compliance information and maintain overall visibility for all connected assets.
  • Modify the ArcSight operational parameters (filters, channels, rulesets, etc.) when requested.
  • Perform regularly required reporting and monitor applicable security resources for updated requirements and compliance directions.
  • Work with peers outside the immediate organization to define and characterize complex technology or process problems and/or develop new solutions, yet work independently to drive technical problems to a solution.
  • Develop reusable solutions and workarounds that are innovative and demonstrate a deep technical knowledge of the affected products, processes, and the customer environment.

 

Required Certifications: Security+ and/or CISSP (both preferred)

Job Category: Information Technology
Job Type: Full Time
Job Location: AL CO
