Immediate Hiring For ArcSight Admin At Paladion Networks / Riyadh Full-time

at Paladion Networks in Saudi Arabia (Published at 16-08-2017)

The Security Engineer is responsible for providing systems administration, monitoring, analysis, and operations support for the implementation of existing and planned capabilities and tools within Cyber Operations.
Responsibilities include:
• Responsible for SIEM security design review and recommendations, technical data gathering, security and policy review and configuration, security device implementation planning, configuration and implementation of security products and technical quality assurance.
• Create custom SIEM rules/rule modifications and custom reports as needed.
• Develop content for a complex and growing ArcSight infrastructure. This includes Use Cases, Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active & Session Lists.
• Provide optimization of data flow
• Develop custom Flex Connector as required to meet use case objectives.
• Manage the operation of ArcSight Security Information and Event Management systems to include ArcSight Express, Connector appliances/SmartConnectors, Logger appliances, Windows and Linux servers, network devices and backups.
• Life-cycle management of the ArcSight platforms, including coordination and planning of upgrades, new deployments, and maintaining current operational data flows.
• Perform defined system designs, data lifecycles, and reporting tasks for identification of malicious activity.
• Apply Configuration Management disciplines to maintain hardware/software revisions, ArcSight content, security patches, hardening, and documentation.
• Recommend configuration changes to improve the performance, usability, and value of cyber analysis tools.
• Work closely with other teams to maintain Security requirements for Operation of ArcSight systems
• Support all aspects of the Security Information and Event Management initiative and provide guidance to security analysts and network engineering staff.
• Support the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses.
• Coordinate and conduct event collection, log management, event management, compliance automation, and identity monitoring activities.
• Respond to day-to-day security requests relating to ArcSight operations.
• Tunes ArcSight performance and event data quality to maximize ArcSight system efficiency.
• Assists analysts using ArcSight and other tools to detect and respond to security incidents.
• Perform routine equipment checks and preventative maintenance
• Add/Remove log sources. Troubleshoot issues with log sources or systems with vendor and report system defects as needed.
• Supports the project lead engineer in the selection, installation and operation of cyber security tools in the Security Operation Center.
• Researches, evaluates, designs, tests, recommends, communicates, and implements new security tools, software or devices.
• Implements, communicates, and may develop network security approaches for data, software applications, hardware, and computer installations.
• Provides technical consultation in new systems development, new package evaluations and enhancements of existing systems.
• Prepares functional specifications from which systems will be procured and implemented.
• Participates in the technical design, development, testing, implementation and maintenance of systems and tools deployment and enhancements.
• Plans, schedules and conducts systems tests, monitors test results, and takes appropriate corrective action.
• Prepares technical user guides
• Maintains current knowledge of relevant technologies and tools as assigned.
• Participates in special projects as required
• Monitor and analyze the output from various security monitoring devices and recommend security actions per procedures where required
• Performing systems hardening to Industry Standards
• Maintain up to date documentation of designs/configurations.
Qualifications:
• BS in Engineering, Computer Science, Information Security, or Information Systems.
• 5+ years of information security experience
• 3+ years of experience with SIEM architectures, such as ArcSight, for monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs
• Experience in at least one successful and significant SIEM deployment, including for ArcSight, and installation and tuning of SIEM Connectors, Loggers, and ESM
• Traditional network monitoring experience (packet/protocol analysis)
• Hands-on administrative experience with major operating systems
• Understanding of TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Knowledge of how the Windows file system and registry function
• Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
• Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
Security certifications:
• Relevant information security certifications, such as CISSP, SANS GCIA, SANS GCIH, SANS GPEN, SANS GCFA, SANS GNFA, SANS GREM, Offensive Security OSCP.

Note: Applications have been closed.

