ArcSight Consultant - SIEM - ArccSight - CyberArk

This job has now expired please search on the home page to find live IT Jobs.

ArcSight Consultant required for an initial 3 month contract based in Gosport for a leading managed Services Provider specialising in IT and Information Security. The successful candidate must have previous Experience with design and implementation of ArcSight / SIEM monitoring solutions for Cloud Infrastructure (AWS and / or Azure). The successful candidate must be security cleared to SC level.

A SIEM / ArcSight Consultant with demonstrable experience and skills to support the following deliverables:

Telecoms Infrastructure

Review SIEM architectural design

Review the logging capability and the potential use cases against risks

ArcSight Connector sizing and whether LB and any other component is required

Work out whether FlexConnector is required

Content creation

Netflow & IPS (PoC)

Netflow analysis to understand the use cases which can be used to detect malicious activity in the tool and potentially to send to ArcSight

AWS Monitoring

Define an AWS Monitoring strategy:

Use experience and industry insight to identify the top risks/threats to AWS,

Define best practice security use cases

Identify log types to monitor.

O365

Review current LLD for connecting ArcSight with O365 and amend where necessary.

Create additional content for MCAS.

CyberArk

Assess the current remit of CyberArk monitoring and propose / deliver new content

Essential skills

** Expert / Master Level ArcSight SIEM Design

** Expert / Master Level ArcSight SIEM Engineering

** Expert / Master Level ArcSight SIEM Content Development

** Experience with design and implementation of ArcSight / SIEM monitoring solutions for Cloud Infrastructure (AWS and / or Azure)

Please note your CV will not be submitted for this or any other role without your prior approval.

SQ Computer Personnel Limited acts as both an Employment Agency and Employment Business.