OnX OnDemand Consulting
Title: ArcSight SIEM Consultant
Duration: permanent hire
OnX is looking for an ArcSight SIEM Specialist/Consultant for a remote permanent engagement.
- Develop and improve operational practices/procedures.
- Monitor the production SIEM platform for availability and performance, fixing issues as they arise.
- Use case lifecycle management, from development through tuning and deployment.
- Analysis of log event attributes and values to design relevant alerting.
- Management of log sources and SmartConnectors to parse data sets.
- Building and testing automation tools for SIEM provisioning.
- Design, implement, test, integrate and document SIEM components.
- Authoring SIEM processes and managing the document lifecycle.
- Providing technical guidance and education to team members on SIEM best practices.
- Drive the continuous improvement of SIEM tooling based on a strategy throughout the organization.
- Practical experience working as an ArcSight SIEM Administrator or as a DevOps SIEM Specialist.
- Experience working with infrastructure automation tools and SOAR technologies.
- Software development experience, with preference for Python and RegEx.
- Supporting cloud infrastructure for logging and security investigations (i.e., AWS).
- Familiar with Docker and container orchestration tools.
- Understanding of concepts and practices from ITSM policies, frameworks, and regulatory compliance.
- Strong aptitude for innovation; can recognize opportunities for improvement in day-to-day work.
- Strong interpersonal, collaboration, oral and written communication skills.
- Excellent analytical, problem solving and decision-making skills with a strong attention to detail.