- Deploy new ESM, Loggers, SmartConnectors/FlexConnectors as required to collect data feeds.
- Assist in the proper operation and performance of ArcSight ESM, Loggers and connectors.
- Integrate data feeds (logs) into ArcSight. Perform content development to properly identify data feeding ArcSight. Develop filters to assist in the identification of significant events.
- Coordinate with client engineering staff for modifications, downtimes, and upgrades.
- Develop reports (manual and automated) to support the development, collection, and reporting of Quality Assurance and Performance metrics (as defined by the client).
- Develop dashboards/reports for external customers for system monitoring.
- Provide ad-hoc training to analysts focusing on specific client missions, including generic ArcSight training sessions and Custom Use Case training sessions.
- Provide recommendations and implement changes to optimize ArcSight products in the customer environment.
- Support the client in fact-finding or case-supporting tasks as they relate to ArcSight.
- Evaluate relevant ArcSight product advancements and provide recommendations to the customer.
REQUIREMENTS:
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Top Secret clearance is required, and candidates must be eligible for SCI.
Candidates must have at least 3 years of hands-on working experience with ArcSight. They should be familiar with deploying, installing and administering ArcSight ESM 4.5+ in a variety of environments.
Candidates must have content development experience and some scripting experience; IdentityView knowledge is preferred but not mandatory. Candidates should also have real/significant experience developing content/use cases and have experience with FlexConnectors.
Linux experience is strongly recommended.
ArcSight ESM Security Analyst (AESA), formerly ArcSight Certified Security Analyst (ACSA); ArcSight ESM Integrator/Administrator (AEIA), formerly ArcSight Certified Integrator/Administrator (ACIA); and ArcSight Advanced Administration certifications are strongly preferred.