Yesterday
Top Secret
Mid Level Career (5+ yrs experience)
No Traveling
IT - Security
Washington, DC (On-Site/Office)
Job Responsibilities
As a SIEM Engineer (ArcSight & Splunk), you will be:
Responsible for the design, implementation, and support of ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers
Responsible for configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data
Responsible for fixing ArcSight or Splunk dataflow issues between the various event flow components
Responsible for configuring and deploying data collection for a variety of operating systems and networking platforms
Responsible for creating Dashboards and Analytics within SIEM tools
Working with monitoring systems supporting auditing, incident response, and system health
Responsible for understanding networking components and devices, ports, protocols, and basic network troubleshooting steps
Required Qualifications:
US citizenship is required.
Top Secret with SCI eligibility.
Bachelor's degree in Information Technology, Computer Science, Information Systems, a related field, or equivalent experience.
A minimum of 8 years of related cybersecurity experience.
A minimum of 4 years of proven ability with either ArcSight or Splunk.
Experience in design, implementation, and support of ArcSight or Splunk core components, including ESM, Loggers, Smart Connectors, Indexers, Forwarders, Search Heads, and Cluster Managers
Experience with configuration and administration of ArcSight or Splunk ingestion and forwarding for new and existing applications and data
Experience with fixing ArcSight or Splunk dataflow issues between the various event flow components
Experience configuring and deploying data collection for a variety of operating systems and networking platforms
Experience creating Dashboards and Analytics within SIEM tools
Experience working with monitoring systems supporting auditing, incident response, and system health
Understanding of networking components and devices, ports, protocols, and basic network troubleshooting steps
The ability to solve issues with log feeds, search time, and field extractions
The ability to solve problems related to data solutions.
Desired Qualifications:
Network Security Operations Center (SOC) experience
Experience and talent in data correlation
Experience creating workflows for Incident Response within a SIEM Tool
GIAC Certified Incident Handler Certification
GIAC Cyber Threat Intelligence Certification
Cybersecurity certifications
Formal SIEM training