Info Security Consultant
Columbus, GA | Direct Hire
Responsible for the large-scale ArcSight deployment including capacity planning, maintenance, and operations.
• Detail oriented
• Excellent communication skills, both written and oral
• Ability to work independently
• Work with external teams to move projects along
• Processes and procedure documentation
• Strong knowledge of SIEM, Firewall, Intrusion Prevention (IDS/IPS)
• Strong working knowledge of operating systems (i.e., Windows, UNIX, RedHat Linux) and RDBMS systems such as Oracle, MySQL and MS SQL
• Expert-level knowledge of RedHat and ArcSight’s CORRE database
• Strong Network experience and fluency in Enterprise architectures
• 7 plus years experience with ArcSight, or 5 years plus with ArcSight and ArcSight Certification, or 5 years ArcSight experience and experience with other SIEM products
• Experienced with Logger Reporting and Administration
• Experienced with ESM Administration
• Experienced in creating content in ESM
o Active Lists
o Data Monitors
• Act as lead and support other ArcSight team members
• Administration of ArcSight SIEM environment
• Capacity planning
• ArcSight Architecture
• Perform day-to-day analysis on ArcSight servers and associated components to verify stability and optimize performance
• Deploy ArcSight devices (connectors, Loggers, ESM)
• Testing, implementation and configuration of patches and upgrades
• Research, analyze and understand logs sourced from various devices in the network for acquisition and integration in ArcSight
• Smart connector management and Flex connector development
• Troubleshooting and break fix
• Write scripts and automation to optimize various processes involved
• Author Standard Operating Procedures (SOPs) and training documentation when needed
• Provide support in researching, designing, testing, and implementing new technologies that will enhance the organization's capabilities
- Four-year college degree (Computer Science, Info Security, or related field) and eight years professional experience or ten or more years professional experience is required. CompTIA Security+, CompTIA Network+, or equivalent certification required.
- Threat Management Center (TMC) Preferred: Network operations or engineering or system administration on Unix, Linux, MAC, or Windows experience is preferred. Common security operations, intrusion detection systems, Security Incident Event Management systems, and anti-virus collection logs preferred. Knowledge of industry standard security compliance programs (PCI, SOX, GLBA, etc.) preferred.
- Programming experience in C/C++, Java, .NET, Csh, Python, Perl, etc. preferred.
- Architectural Engineering Preferred: Possess strong knowledge, understanding, and experience in information technology, data security, application development, and network architecture.
- Strong desire to maintain in-depth knowledge by obtaining or maintaining professional certifications (e.g. CISSP, CISM, CISA, GSEC, Network+, Security+).
- Vulnerability Preferred: Strong knowledge of web applications and network infrastructure development preferred. CISSP, CISA, CISM or other similar certifications preferred.