Sep 19, 2018
Duration: 3 months
Detailed Description
ArcSight division, is a leading global provider of Compliance and Security Management solutions that protect enterprises, education and governmental agencies.
ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes and control risk.
The ArcSight platform collects and correlates user activity and event data across the enterprise so that businesses can rapidly identify, prioritize and respond to compliance violations, policy breaches, cybersecurity attacks, and insider threats.
The successful candidate for this position will work on the ArcSight R&D team. This is a hands-on position that will require the candidate to work with data collected from various network devices in combination with the various ArcSight product lines in order to deliver content that will help address the needs of all of ArcSight’s customers. The ideal candidate will have a good understanding of enterprise security coupled with hands-on networking and security skills as well as an ability to write and understand scripting languages such as Perl and Python.
Research, analyze and understand log sources, particularly from various devices in an enterprise network
Appropriately categorize the security messages generated by various sources into the multi-dimensional ArcSight Normalization schema
Write and modify scripts to parse out messages and interface with the ArcSight categorization database
Work on content and vulnerability update releases
Write scripts and automation to optimize various processes involved
Understand content for ArcSight ESM, including correlation rules, dashboards, reports, visualizations, etc.
Understand requirements to write content to address use cases based on customer requests and feedback
Assist in building comprehensive, correct and useful ArcSight Connector and ESM content for ArcSight customers on schedule.
Requirements
Excellent knowledge of IT operations, administration and security
Hands-on experience of a variety of different networking and security devices, such as Firewalls, Routers, IDS/IPS etc.
Ability to examine operational and security logs generated by networking and security devices, and identify their meaning and severity
Understand different logging mechanisms, standards and formats
Very strong practical Linux-based and Windows-based system administration skills
Strong scripting skills in languages such as Shell, Perl and Python, and in regex
Hands-on experience with databases such as MySQL
Knowledge of a Security Information Management solution such as ArcSight ESM
Experience with a version control system (Perforce, GitHub)
Advanced experience with Microsoft Excel
Excellent written and verbal communication skills
Must possess the ability and desire to learn new technologies quickly while remaining detail-oriented
Strong analytical and problem-solving skills, and the ability to multi-task.
Pluses:
Network device or Security certification (CISSP, CEH etc)
Experience with an application server such as Apache Tomcat
Work experience in a security operations center (SOC).
Apply via:
Applicants should send their updated CVs in MS Word/PDF format and Cover Letters to: careers@ecscorpresources.com with “ArcSight Delivery Quality Assurance, Network Security” as the subject of the mail.
https://www.myjobmag.com/job/104371/arcsight-delivery-quality-assurance-resource-engineer-network-security-ecscorp-resources