- Deploy new ESM, Loggers, SmartConnectors/FlexConnectors as required to collect data feeds.
- Assist in the proper operation and performance of ArcSight ESM, Loggers and connectors.
- Integration of data feeds (logs) into ArcSight. Perform Content Development to properly identify data feeding ArcSight. Develop filters to assist in the identification of significant events.
- Coordinate with client engineering staff for modifications, downtimes, and upgrades.
- Develop reports (manual and automated) to support the development, collection, and reporting of Quality Assurance and Performance metrics (as defined by the client).
- Develop dashboards/reports for external customers for system monitoring.
- Provide ad-hoc training to analysts focusing on specific client missions, including generic ArcSight training sessions and Custom Use Case training sessions.
- Provide recommendations and implement changes to optimize ArcSight products in the customer environment.
- Support the client in fact finding or case supporting tasks as it relates to ArcSight.
- Evaluate relative ArcSight product advancements and provide recommendations to the customer
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be a Canadian citizen. Canadian Government Top Secret with Special Access clearance is required.
Candidates must have at least 2 years of hands-on working experience with ArcSight. Should be familiar with deploying, installing and administering ArcSight ESM on a variety of environments.
Candidates must have content development experience, some scripting experience, and IdentityView knowledge is preferred but not mandatory. Candidates should also have real/significant experience developing content/use cases and have experience with Flex Connectors.
ArcSight certification preferred but not required.