Senior Data Analyst (ArcSight) with Security Clearance


Capgemini Government Solutions

Description
Capgemini Government Solutions (CGS) is seeking a highly motivated Senior Data Analyst to join our team in Washington DC to support our government clients. The Senior Data Analyst role is multifaceted and is responsible for management of security event traffic, appliances, and loggers. The role requires the Data Analyst to support onsite Insider Threat support services, providing immediate investigation and resolution. The successful candidate will have the opportunity to apply and grow their skillset within a motivated and entrepreneurial team, engage with a wide range of stakeholders, and build CGS capabilities.
Job Responsibilities:
Responsible for management of security event traffic, appliances, and loggers.
Provide support for onsite Insider Threat support services providing immediate investigation and resolution
Provide assistance to other personnel to ensure cross-training while maintaining continuous performance
Plan, install, and administer ArcSight products to include ArcSight Loggers, Connector Appliances, ESM, Management Center and Software Connectors
Troubleshoot and resolve issues quickly on all platforms to ensure log management and incident response capabilities are maintained
Create and maintain detailed documentation of all ArcSight configurations and integrations
Work with Business Users to understand logging, incident identification, and compliance requirements
Translate requirements into ArcSight content such as rules, reports, dashboards, alerts, etc.
Work with System and Network Admins to understand all enterprise platforms and develop a plan to integrate all required logs into ArcSight. This includes mapping these platforms to business requirements and analyzing the events from each platform to validate event output and feed all ArcSight Content Development activities
Work with analysts to create content to help automate the identification and reporting of incidents, compliance reports, events of interest, etc.
Review open-source threat feeds such as SANS and McAfee to stay current on the latest threats; experience validating and integrating required event sources to identify events of interest surrounding this information
Create and maintain all content on all ArcSight platforms, including all rules, filters, active channels, reports, dashboards, queries, etc. for all use cases, and ensure all content is backed up on a regular basis
Develop Flex Connectors to integrate legacy or unsupported applications and platforms into ArcSight
Manage the Enterprise Auditing requirements based on ICS 500-27
Required Qualifications:
U.S. Citizenship
Must have an active TS/SCI clearance (or SCI eligible)
BS in Computer Science, Management Information Systems, or related field is desirable; an advanced degree is also desirable, or additional equivalent experience
Current IAT Level III certification
Minimum of 6 years providing security alert event configuration and management; continuous monitoring of multiple security technologies (such as IDS/IPS, syslog, file integrity, vulnerability scanners); correlating and analyzing events; and designing, implementing, tuning, and using the ArcSight SIEM tool to detect IT security incidents
Knowledge of information security standards, rules and regulations related to information security and data confidentiality with desktop, server, application, database, network security principles for risk identification and analysis
Preferred Qualifications:
Subject Matter Expert (SME) with ArcSight software with certification or documentation of training in ArcSight

To apply for this job please visit www.jobg8.com.