ArcSight SME/Linux Administrator

Solutions³ LLC
Huntsville, AL
  • Posted: over a month ago
  • Full-Time
Job Description

Access: 100% Onsite

Description

Solutions³ LLC is supporting our prime contractor and their U.S. Government customer on a large mission-critical development and sustainment program to design, build, deliver, and operate their server operations environment.

Solutions³ is seeking a Micro Focus (formerly Hewlett Packard) ArcSight Engineer who has a strong Linux Administration background to be responsible for configuration, implementation, testing, and performance enhancements for ArcSight appliances (loggers, smart connectors, forwarders, ArcMCs, and ESM). The candidate should have some experience in Computer Network Defense (CND), some architectural design experience, and hands-on experience with ArcSight. The candidate will need to be able to apply analytical and systematic approaches to resolving problems of workflow, organization, and planning. The candidate will be responsible for the design, architecture, development, integration, unit test, installation, configuration, deployment, and creation of customized dashboards using the Security Information and Event Management (SIEM) tool and ArcSight ESM to elevate high-threat items to incident responders. The candidate will also need to be able to maintain and create customized reports in the Enterprise Log Management (ELM) solution, ArcSight Logger.

Responsibilities:

  • Perform as the subject matter expert on ArcSight ESM software and industry best practices around Security Operations for the customer
  • Provide consulting advice to customer senior Information Technology (IT) leadership and set the strategic direction for customers based on HP/ArcSight's solutions and products.
  • Responsible for the configuration, implementation, testing, and performance enhancements for ArcSight appliances 7.x (loggers, smart connectors, forwarders, ArcMCs, ESM including filter & channel configuration)
  • Use ArcSight Enterprise Security Manager (ESM) in the daily operational work and workflow of the end customer
  • Administer ArcSight ESM software platform at the customer site
  • Advise customers on best practices and use cases on how to use ArcSight to achieve customer end-state requirements
  • Demonstrate the ability to develop solutions that can be used at multiple customer sites to enhance their enterprise systems' availability, performance, maintainability and security.  
  • Proactively encourage and lead technically significant work on enterprise-scale projects
  • Responsible for providing detailed technical expertise for enterprise security solutions.
  • Mentor other engineers on the team when needed
  • Provide the technical direction required to resolve complex issues to ensure the on-time delivery of solutions that meet customer expectations. May need to develop new methods to apply to situations.
  • Provide advanced technical consulting and advice to proposal efforts, and solution design.
  • Create, maintain, and implement detailed documentation and standard operating procedures.
  • Perform troubleshooting of ArcSight components and applications when security events are not getting collected or collection reaches storage capacity.
  • Maintain the latest ArcSight configuration to address known exploits and collect required security events.
  • Develop automated reporting dashboards within the existing ESM system to provide near real-time reporting of computer system compliance information and maintain overall visibility for all connected assets.
  • Modify the ArcSight operational parameters (filters, channels, rulesets, etc.) when requested.
  • Perform regularly required reporting and monitor applicable security resources for updated requirements and compliance directions.
  • Work with peers outside the immediate organization to define and characterize complex technology or process problems and/or develop new solutions yet work independently to drive technical problems to a solution.
  • Develop reusable solutions and workarounds that are innovative and demonstrate a deep technical knowledge of the affected products, processes, and the customer environment.

Eligibility:

  • Must be a US Citizen
  • Must have an active DoD SECRET clearance and be able to obtain a TS/SCI clearance

Required Skills:

  • Must have 3+ years of ArcSight ESM software (implementation & maintenance)
  • Must have 5+ years of Network Security experience
  • Must have 3+ years of Linux Administration experience (including the command line interface)
  • Experience developing solutions to enhance the availability, performance, maintenance, and security of the enterprise systems
  • Strong SQL experience
  • Experience with REGEX scripting
  • Ability to perform custom parsing
  • Scripting experience (bash preferred)
  • Networking background (familiarity with common ports/protocols, firewalls/proxy)
  • Excellent written and verbal communication

Desired Skills:

  • Create custom dashboards and reports in ArcSight ESM using threat data.
  • Scripting skills - SQL, REGEX, BASH, PERL or VBA
  • Experience and/or familiarity with the NIST Cybersecurity Framework (NIST-CSF) and the NIST Risk Management Framework (NIST-RMF) and security and privacy controls (NIST 800-37 and NIST 800-53)
  • DHS experience.

Required Education: Bachelor’s degree in Systems Engineering, Computer Science, Information Systems or a related technical field.

Required Certifications: Security+ and/or CISSP (both preferred)

Desired Certifications: NIST Cybersecurity Professional (NCSP®) Practitioner, NCSP® 800-53 Specialist, Red Hat Certified System Administrator (RHCSA), Red Hat Certified Engineer (RHCE), ITIL Foundations


Industry

Technology
