Cyber Security Engineer - ArcSight
The Cyber Securitt Engineer is required to support normal onboarding activities for ArcSight components, such as Connector, Logger and ESM. The ArcSight Engineers will be joining a team of multiple ArcSight engineers working on a security application. The project is deploying ArcSight SIEM solution.
Duties will include install/configure, device onboarding support such as advice and support to application owners on required log settings, facilitation of log collection requirements such as networking request, request of service accounts, sub parsers and flex creation, rationalisation and reporting of onboarding progress and application support in the event of an issue.
- Experience integrating log sources with SIEM solutions (ArcSight)
- ArcSight FlexConnector development, including multi-line log files, Extra-Processors and conditional mapping
- Excellent communication skills, verbal and written. Including the ability to communicate with internal and external senior management confidently and demonstrate their professionalism and expertise.
- Excellent problem solving abilities, capable of identifying root causes and novel approaches to achieve the goal.
- Knowledge of key Information Security and Compliance Frameworks.
- Experience of working in a secure environment.
Must Have Experience
- ArcSight onboarding experience
- Experience of working in a public sector secure environment
- ArcSight content experience