Arcsight SME

This job has now expired please search on the home page to find live IT Jobs.

Specialist, focussing on design and content development and on-boarding of new customers within our SIEM environment, encompassing HP ArcSight ESM, Logger and SmartConnector components.

This will provide you with an opportunity to work in a growing business area supporting and developing capabilities within our Security Operations Centre (SOC). The role will allow you to make a rewarding personal contribution to help us achieve the position as a global leader in Cyber security and as a Managed Security Service Provider (MSSP)

The BAE Systems Applied Intelligence SOC is based on a 40 year heritage and monitors a varied customer base providing exposure to a wide range of security products, attack groups and cyber threats. Working with our global Engineering teams you will further develop your skills within SIEM systems but also gain access and experience of specialist in-house technologies using big data technologies such as Hadoop and our CyberReveal product set.

What you'll be doing

You will join an energetic and experienced Engineering team as a SIEM specialist and Subject Matter Expert (SME). This work will focus on the design and implementation of solutions to on board new customers onto our Network Security Monitoring (NSM) platform as well as the establishment of best practice during customer transition projects. You will also have a vital role in the planning and execution of continuous service improvement activities.

Design and implementation work will include on-boarding of new event sources and the creation of content ( reports, rules, dashboards etc. ) where required in the ArcSight Data Platform, production of dashboards and reports to enable effective system management and monitoring, measurement of operational metrics and KPIs in addition to tailoring report information for our customers.

You will work in conjunction with solution architects and administrators and will be expected to perform hands-on development work. You will also work closely with our Threat Intel, Security Analyst and Operational Support teams. The role will require infrequent trips between our Guildford & Leeds service locations.

What we're looking for:

Essential:

*Prior experience administering the ArcSight Data Platform (ADP)

*Experience in creating and troubleshooting parsers for Standard Smart Connectors and FlexConnectors

*Knowledge of Regular Expressions

*Experience in on-boarding new event sources onto the ArcSight Data Platform

*Working knowledge of some or all off the following: network, database, and security toolsets with respect to event data processed by the ArcSight Data Platform

*Disciplined in the engineering lifecycle and formal change management

*Excellent communication skills, both written and verbal

*Self-motivated with the ability to lead others and prioritise workload

Desirable:

*ArcSight ESM Administrator (AEIA) certification for ESM 6.5

*Received formal ArcSight Connector Appliance or ArcSight Management centre (ArcMC) Administration training

*Received formal ArcSight FlexConnector Configuration training

*Demonstrable working knowledge of CEF

*Python (or other related) scripting experience

*Experience of developing content for the ArcSight Data Platform (ADP)

*Received formal Operational support training (ITIL)

*Experience of working within a SOC environment

LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, we welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International Computer Consultants Ltd (Recruiter Awards for Excellence - Best IT, Best Public Sector & Gold Awards) and the most prestigious award that any business can receive The Queens Award for Enterprise: International Trade 2015.