This job has expired and you can't apply for it anymore.

ArcSight ESM Subject Matter Expert

Job Description

Job Number: R0031272

Key Role:
Apply expertise in ArcSight ESM to conceptualizing, designing, and building secure technical solutions, including operationally viable and efficient applications, systems, architectures, and infrastructure. Direct the design and innovative integration of Cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture while reducing manpower requirements. Lead the analysis of emerging technologies and design and build architectures and solutions to enable the secure implementation of new technologies. Analyze threat information gathered from logs, intrusion detection systems (IDSes), intelligence reports, vendor sites, and a variety of other sources. Create customized dashboards using the Security Information and Event Management (SIEM) tool and use ArcSight Event Security Manager (ESM) to elevate high threat items to incident responders. Develop ESM rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining. Research, plan, install, configure, troubleshoot, maintain, and back up all components in the ArcSight Enterprise Log Management (ELM) architecture.

Basic Qualifications:
-8+ years of experience with IT
-Experience with creating custom dashboards and reports using threat data in ArcSight ESM
-Experience with the integration and sustainment of ArcSight ESM and its components
-Experience with managing Continuity of Operations (COOP) between sites and hubs
-Experience with the correlation of log event collection across sites within an enterprise
-Knowledge of log management and SIEM tools usage and architecture
-Active TS/SCI clearance
-BA or BS degree
-Ability to obtain Computing Environment: Linux+ or ArcSight Administrator Certification

Additional Qualifications:
-Knowledge of administration for the ArcSight ESM and backend database infrastructure related to upgrades and daily maintenance
-BA or BS degree in Engineering, CS, Information Security, or Information Systems preferred

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Security Clearance: Top Secret / SCI
Location: Rome, New York, United States