ArcSight Engineer

Key Responsibilities

• Responsible for ArcSight support across multiple complex and diverse networks. Work with customers, project managers, and IT engineering teams to gather requirements that are used to design and deliver technical solutions.
• Performs technical improvements within the managed services tools to deliver world class customer service. Requires the creation and maintenance of documentation to include Use Cases, SOPs, MOPs as well as incident management reports.
• Research and formulate templates, rules, alerts, dashboards and business flows with minor oversight. Perform installation, configuration, and technical administration of ArcSight product components, to include: ArcSight ESM and Logger.
• Use the ArcSight SIEM for real-time alerting into our existing Network Management System. Develop Use Cases on the ArcSight platform that address the latest security scenarios, threats, and regulatory compliance issues.
• Proactively monitor and report on current security threats as they relate the company's deployed product. Collect and analyze security requirements from internal customers; reconcile and remediate any conflicts with information security policies and standards.
• Design and test security solutions utilizing existing products in the security engineering portfolio: firewalls, proxy servers, intrusion detection/prevention, data loss prevention, anti-virus, anti-spam, vulnerability scanning, security information and event management.
• Implement security solutions, or work with vendor partners to implement solutions per the organization's change management process and procedures
• Provide operational oversight of vendor's performance in managing security solutions.
• Manage work requests (Service Now) related to security incidents and security engineering services; works with users, IT support staff and vendor partners to troubleshoot and resolve problems associated with security products and related processes

• Develop and maintain documentation of the design, implementation and operation of security products and processes.

• Work with vendor partners to monitor security products for evidence of unauthorized activities or violation of the organization's security policies, standards and procedures; reports incidents and violations to management.

• Develop, implement and execute control activities to ensure that security products, processes and procedures are working as intended; remediate any deficiencies detected

• Develop and collect metrics that measure the volume and trends of work activities and events within the security operations capability; provides regular reports to management.

• Assess risks to the confidentiality, integrity and availability of the organization's information assets; makes risk treatment recommendations to management; researches, evaluates, and recommends new security products, processes and procedures.

Minimum Requirements:

• 9+ years experience required: In a network or security engineering role, experience with the majority of the products in the organization's security portfolio, solid understanding of networking/information security risk management, proficiency with email, messaging/MS Office tools.

• Four-year degree required: Bachelor's Degree in Computer Science, Software Engineering, IS, or similar discipline or equivalent work experience

Preferred:

• Experience with all products in the organization's security portfolio.

• Basic understanding of ITIL Principles and/or ITIL Foundation Certification

• Advanced degree preferred: Master's Degree in Computer Science, Software Engineering, Information Systems, or similar discipline

• Preferred: Cert Info Security Professional (CISSP), Cert Info Systems Auditor (CISA), or Global Info Assurance Cert (GIAC)