ArcSight Consultant

Jenrick IT
10 Apr 2018
20 Apr 2018
Contract Type
Full Time
We are working with a market-leading management consultancy who currently require an ArcSight Consultant to join them on an interim basis. This role will be based in either Guildford or Leeds and will require infrequent travel to other UK sites.

For this position you must hold valid SC Clearance.

This is an exciting opportunity to join a fast-growing business within the cyber security sector. As an ArcSight Technical Specialist, you will take responsibility for the design, content development and on-boarding of new customers within a SIEM environment, encompassing HP ArcSight ESM, Logger and SmartConnector components.

This role will provide you with an opportunity to work in a growing business area, supporting and developing capabilities within our Security Operations Centre (SOC). The role will allow you to make a rewarding personal contribution to help us achieve a position as a global leader in Cyber Security and as a Managed Security Service Provider (MSSP).

The role will sit within the global engineering team, where you will further develop your skills within SIEM systems and also gain access to, and experience of, specialist in-house technologies using big data technologies such as Hadoop and our CyberReveal product set.

What you’ll be doing

- You will join an energetic and experienced Engineering team as a SIEM specialist and Subject Matter Expert (SME). This work will focus on the design and implementation of solutions to on-board new customers onto our Network Security Monitoring (NSM) platform as well as the establishment of best practice during customer transition projects.
- You will also have a vital role in the planning and execution of continuous service improvement activities.
- Design and implementation work will include: on-boarding of new event sources and the creation of content (reports, rules, dashboards, etc.) where required in the ArcSight Data Platform; production of dashboards and reports to enable effective system management and monitoring; measurement of operational metrics and KPIs; and tailoring report information for our customers.
- You will work in conjunction with Solution Architects and Administrators and will be expected to perform hands-on development work. You will also work closely with our Threat Intel, Security Analyst and Operational Support teams.

What we’re looking for


- Previous experience administering the ArcSight Data Platform (ADP)
- Experience in creating and troubleshooting parsers for Standard Smart Connectors and FlexConnectors
- Knowledge of Regular Expressions
- Experience in on-boarding new event sources onto the ArcSight Data Platform
- Working knowledge of some or all of the following: network, database and security toolsets with respect to event data processed by the ArcSight Data Platform
- Disciplined in the engineering lifecycle and formal change management
- Excellent communication skills, both written and verbal
- Self-motivated approach with the ability to lead others and prioritise workload

- ArcSight ESM Administrator (AEIA) certification for ESM 6.5
- Received formal ArcSight Connector Appliance or ArcSight Management Center (ArcMC) Administration training
- Received formal ArcSight FlexConnector Configuration training
- Demonstrable working knowledge of CEF
- Python or other related scripting experience
- Experience of developing content for the ArcSight Data Platform (ADP)
- Received formal Operational support training (ITIL)

If you have the skills and would like to learn more, please apply today.
