ArcSight Consultant - SIEM - ArccSight - CyberArk
Recruiter
Listed on
Location
Salary/Rate
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
ArcSight Consultant required for an initial 3 month contract based in Gosport for a leading managed Services Provider specialising in IT and Information Security. The successful candidate must have previous Experience with design and implementation of ArcSight / SIEM monitoring solutions for Cloud Infrastructure (AWS and / or Azure). The successful candidate must be security cleared to SC level.
A SIEM / ArcSight Consultant with demonstrable experience and skills to support the following deliverables:
Telecoms Infrastructure
Review SIEM architectural design
Review the logging capability and the potential use cases against risks
ArcSight Connector sizing and whether LB and any other component is required
Work out whether FlexConnector is required
Content creation
Netflow & IPS (PoC)
Netflow analysis to understand the use cases which can be used to detect malicious activity in the tool and potentially to send to ArcSight
AWS Monitoring
Define an AWS Monitoring strategy:
Use experience and industry insight to identify the top risks/threats to AWS,
Define best practice security use cases
Identify log types to monitor.
O365
Review current LLD for connecting ArcSight with O365 and amend where necessary.
Create additional content for MCAS.
CyberArk
Assess the current remit of CyberArk monitoring and propose / deliver new content
Essential skills
** Expert / Master Level ArcSight SIEM Design
** Expert / Master Level ArcSight SIEM Engineering
** Expert / Master Level ArcSight SIEM Content Development
** Experience with design and implementation of ArcSight / SIEM monitoring solutions for Cloud Infrastructure (AWS and / or Azure)
Please note your CV will not be submitted for this or any other role without your prior approval.
SQ Computer Personnel Limited acts as both an Employment Agency and Employment Business.