Job Description:
Job Title: ArcSight Consultant
Work Location: Chicago, IL
Duration: 10 Months
No. of Positions: 2
C2C, W2

We are currently looking for a strong, experienced ArcSight resource with good hands-on experience. We are currently waiting to hear from our internal talent sourcing system to see if we can find a third-party contractor to support an 8-10 month engagement for one of my clients. However, as an alternative option, I wanted to check whether you can help with the same, so that if we don't get lucky with our internal sourcing system, we can potentially source it via a Beeline process. ArcSight is a SIEM (Security Information and Event Management) solution by Micro Focus. ArcSight is similar to Splunk, QRadar and AlienVault. If you can find a resource that has experience with Splunk and QRadar in addition to ArcSight, even better.

  ArcSight SIEM solution Administration

  ArcSight solution architecture and deployment experience

  Understanding of ArcSight event and data flow (collection, normalization, logging, correlation) in Linux and Windows environments

  Experience working in a SOC environment and collaborating with analysts to assist with necessary ArcSight-related support activities. Experience with the ArcSight SIEM solution and architecture, including deployment and management of ArcSight infrastructure

  Administration and management of ArcSight infrastructure (ESM, Logger, Smart/Flex Connectors, ArcMC, Connector Appliances, Collectors, Transformation Hub)

  ArcSight content development (Use cases, Correlation Rules, Dashboards, Reports, Alerts)

  Developing Flex Connectors, including the ability to perform parsing and overrides. Knowledge of Unix shell and PowerShell scripting

  On-prem and cloud data source integrations with ArcSight

  Using MITRE and kill chain concepts to build new ArcSight use cases if required

  ArcSight integration with third-party data source connectors

Thanks & Regards,

Wasee Mohammed