Full Time Employee Contractor
The Senior Cyber Security Engineer (SIEM) works with a complex and growing Security Information and Event Management (SIEM) infrastructure that collects security log data from enterprise security technologies, systems, and other sources, and analyzes that data for signs of compromise, attacks or other malicious activity. This position focuses on ArcSight content creation and involves building and implementing event correlation rules, logic, alerts, reports, and content. This position also involves:
Establishing and satisfying information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
Applying know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
Performing analysis, design, and development of security features for system architectures.
Designing, developing, engineering, and implementing solutions that meet security requirements.
Providing integration and implementation of the computer system security solution.
1. Must have the ability to build and implement event correlation rules, logic, and content in the security information and event management system; experience with ArcSight products is preferred.
2. Must have the ability to tune the SIEM event correlation rules and logic to filter out security events associated with known and well-established network behavior, known false positives, and/or known errors.
3. Experience creating scheduled and ad-hoc reporting with SIEM tools is preferred.
4. Training in a computer related discipline and more than 7 years of experience in installing and/or working with products to be used for securing systems, particularly intrusion detection and analysis systems and processes.
5. Knowledge of installing, configuring, operating, maintaining, and using security appliances and solutions (e.g., SIEM systems, firewalls, IDS/IPS).
6. Possess lead experience making recommendations for configuring the security posture of operational systems.
7. Advanced Certifications in security products and applications and other security related COTS products are desired but not required.
Bachelor’s Degree in computer engineering, computer science, or other closely related IT discipline or equivalent is preferred and at least 7 years of related experience.
Key Words: ArcSight ESM, Cyber Security, Intrusion Detection, IDS, IPS, GCIA, CISSP, CEH, CIH, Wireshark, Snort
To apply for this job, contact: