Senior ArcSight Engineer

Randstad Sourceright kft

Posted on Oct 24, 2020 by Randstad Sourceright kft

Not Specified, United Kingdom
Immediate Start
Annual Salary

Role: Senior ArcSight Engineer
Client: One of the UK's largest telecommunications services providers
Location: Remote, UK with occasional travel to Greater London offices
Role Type: Short term contract until the end of 2020 to begin with

Team Overview:
The team are responsible for supporting a multitude of security controls within the business. Support may incorporate consultation, design, development, as well as in-life support. Product areas which may be supported by the team include IPS, DLP, SIEM, IRP, and Vulnerability Scanning.

Role Overview:
The position is focused on on-boarding assets into the SIEM solution. Tasks may include identification of optimal secure ingestion methods through to designing, developing, and enhancing correlation and trending on events ingested.

Key Responsibilities:
Evaluation of logs generated by a product/solution and identification of log ingestion method.
Creation and/or optimisation of logs ingested or soon to be ingested into the SIEM solution. This may include multi-line parsing via syslog.
Troubleshooting and assisting in resolution of blockers for the ingestion of events into the SIEM solution.
Where required, creation and optimisation of new/existing correlation implementations associated with the log ingestion.
Documentation of the above.

Essential Skills Required:
Advanced knowledge of ArcSight SmartConnectors, Loggers, ArcMC, and ESM.
Advanced knowledge of ArcSight parsers, including development and overrides.
Knowledge of regular expressions, Linux CLI, and Windows.
Knowledge of Linux and Windows Auditing.

Reference: 981432122

