ArcSight ESM - Senior Analyst & Release Architect Job

Company Name:
SAIC
ArcSight ESM - Senior Analyst & Release Architect (Job Number:405693)
Description:
Assist the Information Assurance Office with the installation, configuration, troubleshooting, customization and optimization of the ArcSight product suite and its dependencies. This position requires strong knowledge of network security operations and familiarity with a variety of endpoint security products. The candidate will develop ArcSight-specific content including reports, filters, trends and dashboard content. The candidate must be experienced with ArcSight in order to provide optimization, tuning, and flex agent development. The successful candidate should be very experienced in IT networks, security systems design, deployment and troubleshooting.
Duties will include leading the installation, configuration, optimization and customization of ArcSight software and appliances. The candidate is required to translate customer requirements into use cases, design and implement them as ArcSight content, and perform database sizing, configuration, tuning, and troubleshooting. The candidate will also perform system administration for ArcSight components and create customized dashboards using the Security Information and Event Management (SIEM) tool ArcSight Event Security Manager (ESM) to elevate high threat items to incident responders. DOD 8570 CNDSP Infrastructure certification is desired.
Minimum Qualifications:
JDBC Driver Installation
Windows Unified Connector
McAfee ePolicy Orchestrator Connector
CheckPoint OPSEC NG Connector
Sourcefire eStreamer Connector
Symantec Endpoint Protection Connector
Nessus Scanner Connector
Delimited File FlexConnector
Syslog FlexConnector
RegEx FlexConnector
SNMP FlexConnector
Qualifications:
A Bachelor's degree from an accredited institution or equivalent in Computer Science, Information Systems, Engineering, or related technical discipline is required. Four additional years of experience may be considered in lieu of a degree.
Significant experience may substitute for minimum educational requirements.
Must possess at least 8 years of hands-on technical experience with a minimum of 5 years of experience in ArcSight ESM.
Ability to create advanced ESM content for security use cases in order to find, track and remediate security incidents, including: using variables and correlation activities, customizing report templates to use dynamic content, and customizing notification templates to send the appropriate notification based upon specific attributes of an event
Must be able to work independently and provide timely status updates, as well as be able to manage multiple tasks
Must be a highly effective communicator (both verbal and written) and possess excellent analytical and problem-solving skills
A self-starter, performing day-to-day tasks with minimal supervision but working effectively with immediate and cross-functional team members
Required Qualifications:
ArcSight Certified Analyst (ACSA) and/or ArcSight Certified Integrator Administrator (ACIA)
Familiarity with network defense technologies including IDS/IPS, Firewalls, VPN
Determine appropriate Logger/ESM architecture to address specific log management requirements
Integrate Logger/ESM in peering and hierarchical deployments
Optimize ArcSight SmartConnector configurations for a Logger/ESM integrated environment
Identify types of criteria used to define system requirements
Present a thorough compilation of the various architectures and the pros and cons of each
Identify integration capabilities and best practices for each product
Identify data sources and ESM resources required to fulfill the objectives of the use case
Present multiple real-world scenarios that will be the basis of a complete implementation exercise
Must possess a CompTIA Security+ certification (baseline certification - day 1 requirement)
Minimum certification as a DoD 8570 IAM II; must possess, or be able to obtain within 6 months of hire date, an IAT Level II certification related to the Release Management field
Must hold an active Department of Defense Security Clearance (interim Secret minimum - day 1 requirement).
Knowledge of DoD directives 8500.2, 8530.2, CJCSI 6510, and DISA STIGs, specifically requirements pertaining to the access and retention of network device logs.
Strong customer service, organizational skills, knowledge of applicable DoD/Government policies and procedures.
Demonstrated exceptional ability to troubleshoot complex systems required.
Solid understanding of industry standard availability and security practices required.
Solid verbal and written communication skills required
SAIC Overview: SAIC is a leading provider of technical, engineering and enterprise information technology services to the U.S. government. Our 13,000 employees deliver systems engineering and information technology offerings for large, complex government programs, as well as a broad range of higher-end, differentiated technology services. The company is headquartered in McLean, Va. For more information, visit .
EOE AA M/F/Vet/Disability
Job Posting: Aug 28, 2014, 12:32:17 PM
Primary Location: United States-KY-FORT KNOX
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job
Schedule: Full-time
Req ID: T405693
Date: Thu, 28 08 2014 00:00:00 GMT
Country: US
State: KY
City: Fort Knox
Postal Code: 40121
Locale: en_US