Job Description:
Job Title: ArcSight Consultant
Work Location: Chicago, IL
Duration: 10 Months
No. of Positions: 2
C2C, W2
We are currently looking for a strong, experienced ArcSight resource with good hands-on experience. We are currently waiting to hear from our internal talent sourcing system to see if we can find any third-party contractor to support an 8-10 month engagement for one of my clients. However, as an alternative option, I wanted to check if you can please help with the same, so that if we don't get lucky with our internal sourcing system, we can potentially source it via a Beeline process.

ArcSight is a SIEM (Security Incident and Event Management) solution by Micro Focus. ArcSight is similar to Splunk, QRadar and AlienVault. If you can find a resource that has experience with Splunk and QRadar in addition to ArcSight, even better.
ArcSight SIEM solution Administration
ArcSight solution architecture and deployment experience
Understanding of ArcSight event and data flow (Collection, Normalization, logging, correlation) in Linux and Windows environment
Experience working in a SOC environment and collaborating with analysts to assist with necessary ArcSight related support activities. Experience with ArcSight SIEM solution and architecture, perform deployment and management of ArcSight infrastructure
Administration and management of ArcSight infrastructure (ESM, Logger, Smart/Flex Connectors, ArcMC, Connector Appliances, Collectors, Transformation Hub)
ArcSight content development (Use cases, Correlation Rules, Dashboards, Reports, Alerts)
Developing Flex Connectors and able to perform parsing and overrides. Knowledge of Unix shell and PowerShell scripting
On-Prem and Cloud data sources integrations with ArcSight
Using MITRE and kill chain concepts to build new ArcSight use cases if required
ArcSight Integration with third party data source connectors
Thanks & Regards,
Wasee Mohammed