Thursday, June 29, 2017

Arcsight Administrator

Title: Arcsight Administrator
Location: Bellevue, WA
Duration: 1 year
Client: TMobile

Description: ArcSight Administration Responsible for the large scale ArcSight deployment including capacity planning, maintenance, and operations.

Description: ArcSight Administration
Responsible for the large scale ArcSight deployment including capacity planning, maintenance, and operations.

Additional Skills: Skills
* Detail oriented
* Excellent communication skills, both written and oral
* Ability to work independently
* Processes and procedure documentation
Scripting
* Strong knowledge of Information Security Products and Techniques (SIEM, Firewall, Intrusion Prevention (IDS/IPS)
* Strong working knowledge of operating systems (i.e.: Windows, UNIX, RedHat Linux) and RDBMS Systems such as Oracle, MYSQL and MS SQL
* Strong Network experience and fluency in Enterprise architectures
Linux experience
* 5 plus years’ experience with ArcSight
Responsibilities
* Administration of ArcSight SIEM environment
* Capacity planning
* ArcSight Architecture
* Perform day-to-day analysis on ArcSight servers and associated components to verify stability and optimize performance
* Deploy ArcSight devices (connectors, Loggers, ESM)
* Testing, implementation and configuration of patches and upgrades
* Research, analyze and understand logs source from various devices in the network for acquisition and integration in ArcSight
* Smart connector management and Flex connector development
* RMA of failed hardware
* Troubleshooting and break fix
* Write scripts and automation to optimize various processes involved
* Author Standard Operating Procedures (SOPs) and training documentation when needed
* Provide support in researching, designing, testing, and implementing new technologies that will enhance the organizations capabilities.

Preferred Skills:
Knowledge of the following technologies a plus:
  • Intrusion Detection / Prevention Systems for networks and hosts
  • Security Event Management Systems
  • Vulnerability Assessment Systems
  • Secure transfer protocols such as SSH, SCP and Connect Direct Secure Plus Diagnostic tools such as packet capture/decode and WAN probes IP Networking
  • Windows Systems administration and security tools
  • Experience with remote access, terminal servers, etc a plus
  • Experience in the administration of UNIX Solaris, HP/UX, or Linux and Windows operating systems a plus
  • Experience in developing and administering an information security program desirable
  • Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education is desirable 

Hussain
(BDM)
34405 W 12 Mile Rd, Suite #137, Farmington Hills, MI 48331.