ArcSight Systems Administrator - Military veterans preferred
2018-10-25 ManTech (www.mantech.com)
Chantilly, Virginia, United States
The ArcSight Administrator will perform standard O&M activities for the ArcSight Security Information and Event Management (SIEM) infrastructure supporting the cyber security monitoring and response methodology in accordance with TSA infrastructure program requirements.
Operate and tune ArcSight.
Use SIEM tools to monitor and analyze network performance and cyber security incidents and reports to detect vulnerabilities, anomalies, and other problems.
Use ArcSight Event Security Manager (ESM) to elevate threat items to incident responders.
Develop ESM rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining.
Perform analysis of current configuration and proposed configurations to ensure compatibility within the overall system.
Analyze threat information gathered from logs, Intrusion Detection Systems, intelligence reports, vendor sites, and a variety of other sources.
Research, plan, install, configure, troubleshoot, maintain, and back up all components in the ArcSight Enterprise Log Management (ELM) architecture.
Apply ArcSight ESM expertise to conceptualize, design, and build secure technical solutions, including operationally viable and efficient applications, systems, architectures, and infrastructure.
Direct the design and innovative integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture while reducing manpower requirements.
Troubleshoot anomalies in ArcSight logging solutions and develop solutions for them, both remotely and locally.