Hands-on experience in ArcSight implementation and use of ArcSight ESM (Enterprise Security Management) 5.0 and higher
Understanding of network, network-security, Operating systems and databases (e.g. Windows, UNIX, LINUX, ORACLE, DB2 etc.)
Proficient in ArcSight documentation – policies, standards, processes and procedures.
Good Communication and writing skills.
Should be organized and be able to multi task and complete tasks by timeline.
Maintain and monitor the IT Security for all of Asia Pacific region, across all production systems and applications.
Investigate on any incidents detected and escalate to the responsible team, and ensure proper closure
Complete operational responsibility for ArcSight Event Correlation System.
Develop & manage Use Case and Content. Provide guidance for Use Case/Content development to security analyst & network engineering staff. Analyze requirements of engineering, operations and security staff and develop Use Cases/Content (Dash Boards, Data Monitors, Reports, Rules, Filters, Trends, Active Lists, etc) to improve efficiency and effectiveness in each discipline.
Cooperation & contribution:
To actively coordinate and cooperate with other teams, to ensure best IT Security practices and deliveries and a smooth interaction.
To work closely with the various IT teams to maintain the workstation compliance, as per the Security norms
To work closely with System, Network and Application Teams for closure of any incident or non-compliance detected
Security operations Admin:
Install, configure, tune and maintain ArcSight components like ESM, Smart connectors etc.
Maintenance, Patching and Upgrade of ArcSight Manager, Database, Connectors, Web and Console, Knowledge of regular expressions
Developing Content on ArcSight Console by setting up Rules, Filters, Active-channels, Lists etc as well as creating Reports and Dashboards
Analyze, propose and implement new reports
Configure new applications/assets into ArcSight
Troubleshoot any issue with ArcSight components like ESM, Smart connectors etc.
Ensure all the integrated devices are sending logs without fail.
Ensure all rules and reports are working as expected.
Ensuring regular backup of all ArcSight resources.
To review the current monitoring processes and improves them.
Prepare training plan and material for new joiner to use and get trained.
To apply for this Position, please email your resume to firstname.lastname@example.org with ‘Security Analyst’ in the subject line’ in the subject line