ArcSight Specialist (Content Development) - 40-75k

Recruiter
SThree
Location
United Kingdom
Salary
40000 - 75000 per annum + competitive
Posted
13 Nov 2017
Closes
18 Nov 2017
Contract Type
Permanent
Hours
Full Time
You will be working internally for a IT Services firm that have recently brought in HP's ArcSight SIEM (Security Incident & Event Management) log correlation solution into their internally-facing Security Operations Centre and are looking to add a Security Specialist with experience of ArcSight Content Development. As an ArcSight Specialist, your role will involve you being very closely integrated with the SOC team, tuning the SIEM for successful detection of threats and investigating any problems that the SOC Analysts and Investigations teams are having with regards to daily use through monitoring their activities and the SIEM itself. As a consequence of this your role may involve developing SmartConnectors / FlexConnectors upon the onboarding of new business units and assist in generating requirements for the onboarding process itself in addition to developing the Content for the SIEM (e.g. creating use-cases, tweaking and writing new correlation rules, reports, dashboards, data monitors ...) As a consequence of having a close relationship with the SOC team, having a background as a SOC Analyst yourself would be highly beneficial (e.g. being on the other side of the fence, using ArcSight to monitor for IOCs / handle incidents), especially as on occasion when dealing with particularly challenging threats you may have to jump in, helping analysts with event analysis. Additionally, you'll be reporting back to the business engaging with key stakeholders from business units across the globe, so some experience of stakeholder management would be ideal, either in an internal or externally-facing capacity. 1 day per week working from home, potentially more depending on internal projects. If you feel this role would be of interest to you, do feel free to give me an email on 'a.fernandes[att]computerfutures[dot]com' with an up-to-date version of your CV and a good time that we may speak. Alternatively, I am available by phone on 0-2-0-7-9-0-7-3-8-3-8 or on LinkedIn (Andrew Fernandes, Computer Futures). If you know anyone that might be interested in the role, don't be afraid to point them in my direction; we're currently offering 200 of John Lewis vouchers to anyone who refers someone that later gets a job through us! Sthree UK is acting as an Employment Agency in relation to this vacancy. - provided by Dice STAKEHOLDER MANAGEMENT