Monday, March 23, 2015

Information Security Consultant

Job Title: Security Consultant
Location: Westlake, TX


Job Description:
  • The SIEM Engineer is responsible for supporting the event logging and correlation needs of a large company.
  • The person in this role will work as part of a security team responsible for protecting the company's IT assets.
  • This person will not only be experienced with the traditional use of SIEM tools such as ArcSight but will also be able to advise Company staff on SIEM plans with an eye toward virtualization.
  • This person needs to be very comfortable with all aspects of logging including the agents and should be able to troubleshoot logging problems either on the servers or workstations.
Essential Duties & Responsibilities
  • Support all aspects of Company's Security Information and Event Management initiative.
  • Participate in the operation of ArcSight Security Information and Event Management systems to include ArcSight ESM, Logger appliances, Windows and Linux servers, network devices and backups.
  • Configure rules within ArcSight ESM to correlate events from various devices throughout the network and identify anomalies that require further investigation.
  • Participate in the design and implementation of ArcSight architecture upgrades and changes.
  • Establish plans to implement architecture changes.
  • Life-cycle management of the ArcSight platforms including coordination and planning of upgrades, new deployments, and maintaining current operational data flows.
  • Apply Configuration Management disciplines to maintain hardware/software revisions, ArcSight content, security patches, hardening, and documentation.
  • Develop content for a complex and growing ArcSight infrastructure. This includes use cases for Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists.
  • Provide optimization of data flow using aggregation, filters, etc.
  • Create periodic reports for management showing the health of the SIEM program.
  • Working closely with Company team to maintain security requirements for operation of ArcSight systems.
  • Drive the development and the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses.
  • Responding to day-to-day security requests relating to ArcSight operations.
  • Tune ArcSight performance and event data quality to maximize ArcSight system efficiency.
  • Assist analysts in using ArcSight and other tools to detect and respond to IT security incidents.
  • Perform routine equipment checks and preventative maintenance.
  • Act as SME for all questions related to the ArcSight SIEM implementation.
  • Maintaining up to date documentation of designs/configurations.
  • Create shell and Perl scripts to facilitate automated tasks.
  • Work with other Service Providers to support areas of common interest.
  • Working with software and hardware vendors.
  • On-call support may be required.
  • Perform other duties as assigned.
Desired Skills and Experience
  • BS in Computer Science or equivalent experience and education
  • A minimum of five years of experience as a security generalist
  • At least one year of experience using ArcSight or three or more years working with another SIEM product
  • Familiarity with the client application Snare
  • Understanding of logging on various operating systems including Windows and *nix
  • A basic understanding of networking principles
  • Strong written and verbal communication skills
  • CISSP or ArcSight or GCIA certification
Preferred Knowledge and Skills
  • Bachelor's Degree
  • Experience acquired through working in a large IT environment
  • Understanding of ITIL standards

If you are qualified, available, interested, planning to make a change, or know of a friend who might have the required qualifications and interest, please call me ASAP at (732) 318-3811 even if we have spoken recently about a different position. If you do respond via e-mail, please include a daytime phone number so I can reach you.


Also, please take a few minutes to answer some of the questions below, as they will help me qualify your candidature:
Full Legal Name as in Driving License/ Passport:
Preferred email ID:
Day/ Evening phone numbers:
Current Location:
Work Authorization:
Earliest availability for Phone/ On-Site interview:
Hourly Rate:
Earliest possible start date: 
Two Professional References:

Also, be aware that our client conducts extensive background checks on candidates who are extended offers of employment.

Deepak Mishra
Gtalk ID-
eTeam Inc
(732) 318-3811
1001 Durham Avenue Suite 201
South Plainfield, NJ, 07080