SIEM ArcSight Specialist

Alphalogic is a global technology solutions company headquartered in the Washington, DC metropolitan area. Alphalogic offers a wide range of technology and consulting services; predictive analytics, data warehousing & BI, cloud consulting, web & mobile application development.

Cutting-edge Technologies
Our company’s core competencies are cloud and mobile computing; healthcare solutions and services; data warehousing-analytics- business intelligence; and enterprise collaboration-content management. Alphalogic teams are continually deploying emerging technologies to meet our clients’ current challenges.

Industry Best Practices
Alphalogic specializes in the effective use of industry-standard frameworks such Agile, for helping our clients achieve quick wins and reduce cycle times.

Alphalogic is looking for someone who has strong ArcSight administration skills AND the ability to script with Python and/or Perl.  Good communication skills are a must.   

Alphalogic is looking for an ArcSight Security Systems Specialist for one of our leading clients in Washington, DC.

Responsibilities:

• Perform upgrades on the ArcSight components include the managers, databases, connectors and various appliances

• Investigate technical issues related to ArcSight Infrastructure operations

• Review and interpret events generated by various components including firewalls, switches, application software, databases and operating systems

• Generate ad-hoc reports upon request from logger or manager

• Ensure all reports are completed and rerun where necessary

• Investigate and debug alerts

• Perform package migration

• Perform QA and Testing of Content

• Review configurations for potential security weaknesses.

• Develop ArcSight Content including rules, reports and dashboards

• Perform QA (Quality Assurance) function on content developed by other parties

• Develop new custom connectors to integrate site specific data

• Test and integrate ArcSight provided connectors

• Integrate ArcSight event actions into other Client systems

• Liaise with vendors

• Design and develop innovative methods of automating and taking remedial measures integrating with multiple technologies.

• Produce documentation on designs and content developed

• Provide expert technical support

• Develop/Maintain Knowledge Base Articles describing alert actions

• Educate local staff on ArcSight usage and best practices.

Background needed:

• Minimum University/College degree in a technical discipline (Computer Science or Engineering preferred)

• Minimum 8 years of Information Security experience required; out of which an individual has worked in managing, administering ArcSight infrastructure for a minimum period of 3 years.

• Developing business rules, logic for a minimum period of 3 year

• Certification - ArcSight ESM Certified Security Administrator (ACSD) or Certification - ArcSight ESM Certified Security Analyst (AESA)

• Detailed knowledge of at least one operating system (prefer Windows and/or Linux)

• Experience in the operation of a large ArcSight Event Management System

• Experience in the development of ArcSight Content

• Experience in the configuration and management of ArcSight Appliances and flex/ custom connectors

• Detailed knowledge of firewalls and networking devices

• Ability to work independently with minimum supervision

• Ability to openly share/discuss ideas and suggestions with team members

• Ability to explore and investigate new products and solutions

• High level of attention to detail and accuracy

• High ethical standard

• Proven experience in scripting (Perl or Python)

No C2C or Agency candidates. Local candidates are strongly encouraged to apply.