This job posting is archived and no longer available.
Open job postings can be found under Projects.

Arcsight Security Consultant (2016)

Posted by iET SA

Skills sought: Network, Consultant, Client, Unix

Project description

For a seven-month project with continuation option at our banking client in Zurich, we are looking for immediate support in the form of an

ARCSIGHT SECURITY CONSULTANT (2016)

to expand the coverage of security event sources and threat-based monitoring use cases on our client's Security Incident and Event Management (SIEM) platform.

The project scope consists of three steps:
1. Define and implement preliminary ArcSight reports, views, and alerting rules based on use cases
2. Review the run-time performance of these ArcSight reports, views and alerting rules; identify issues (false positives) and remediate/improve the reports, views and alerting rules (a.k.a. base-lining)
3. Implement the resulting security monitoring rules in the Security Operations Center

We are looking for an experienced information security analyst who is capable of independently performing phases 1 and 2 as described above. This role will be the interface between business (who drives the monitoring use cases), engineering (who ultimately implements the ArcSight reports, views, and rules) and the SOC (who is the user and beneficiary of the new rules).

Requirements for the ideal candidate:
Understands monitoring use cases and business requirements and translates them into SIEM (ArcSight) reports, views, and rules;
Analyzes security events originating from various sources like Windows or UNIX Servers, network devices, databases, malware scanners, etc. and determines how they can be leveraged to implement the desired monitoring use cases;
Improves quality of raw and processed logs, identifies gaps
Analyzes the performance of ArcSight reports, views and rules; recognizes problems by identifying anomalies and evaluating trends; proposes improvements and measures to fix the identified issues with ArcSight reports and alerts; cooperates with platform owners to support issue resolution
Determines threat/risk level for prioritization of resolution activities
Proposes monitoring rules and reports that focus on relevant correlations and alerts with a low rate of false positives, which are then manageable by the Security Operations Center
Coordinates with SOC service management
University or comparable level degree in Information Technology
Special education in Information Security required
Major experience in the configuration and tuning of SIEMs (3 years)
Knowledge of ArcSight is an advantage
Experience in Security Operations and as Business Analyst
Experience in System Administration, Network Security, Information Security Policies, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches
Strong analytical thinking, ability to oversee complex problems
Skilled in dealing with sensitive matters and people
Ability to work independently and without direct supervision
Well versed in English, orally and in writing

If you consider yourself the ideal candidate, we look forward to receiving your application in Word format.

Project details

  • Location:

    Zurich, Switzerland

  • Project start:

    asap

  • Project duration:

    6 months ++

  • Contract type:

    Contract

  • Professional experience:

    Not specified

Required qualifications

iET SA