ArcSight Systems Administrator - Military veterans preferred

ManTech


  full-time   employee   contract

United States

The ArcSight Administrator will perform standard O&M activities for the
ArcSight Security Information and Event Management (SIEM) infrastructure
supporting the cyber security monitoring and response methodology in accordance
with TSA infrastructure program requirements.

  • Operate and tune ArcSight.
  • Use SIEM tools to monitor and
    analyze network performance and Cyber Security incidents and reports to
    detect vulnerabilities, anomalies, and other problems.
  • Use ArcSight Event Security
    Manager (ESM) to elevate threat items to incident responders.
  • Develop ESM rules, reports, dashboards,
    data monitors, active channels, trends, and use cases to identify threats
    and optimize data mining.
  • Perform analysis of current
    configuration and proposed configurations to ensure compatibility within
    the overall system.
  • Analyze threat information
    gathered from logs, Intrusion Detection Systems, intelligence reports,
    vendor sites, and a variety of other sources.
  • Research, plan, install,
    configure, troubleshoot, maintain, and back up all components in the
    ArcSight Enterprise Log Management (ELM) architecture.
  • Apply ArcSight ESM
    expertise to conceptualize, design, and build secure technical solutions,
    including operationally viable and efficient applications, systems,
    architectures, and infrastructure.
  • Direct the design and innovative
    integration of Cybersecurity toolsets to enable more automated discovery,
    remediation, and alerting of network and device vulnerabilities as a means
    of improving the security posture while reducing manpower requirements.
  • Troubleshoot and develop solutions
    for anomalies both remotely and locally for ArcSight Logging solutions.