- Springfield, Virginia, United States
XOR Security is currently seeking a talented ArcSight Security Engineer to support an Intelligence customer focused on securing our national interests and protecting our nation's sensitive equities.
We are seeking candidates who can assist in developing content for a complex and growing ArcSight infrastructure. This includes use cases for Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists. Provides optimization of data flow using aggregation, filters, etc. Participates in the operation of ArcSight Security Information and Event Management systems to include ArcSight ESM, Connector appliances/SmartConnectors, Logger appliances, Windows and Linux servers, network devices and backups. Supports life-cycle management of the ArcSight platforms, including coordination and planning of upgrades, new deployments, and maintaining current operational data flows.
- Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering
- Minimum 5+ years of experience with SIEM tools, specifically ArcSight
- Must possess strong written and verbal communication skills and must be capable of understanding, documenting, communicating and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise
- Must have demonstrated ability to build and implement event correlation rules, logic, and content in the security information and event management system with specific experience in the ArcSight ESM environment
- Must have demonstrated ability to tune the SIEM event correlation rules and logic to filter out security events associated with known and well-established network behavior, known false positives and/or known errors
- Must have experience maintaining an event schema with customized security severity criteria
- Must have experience creating scheduled and ad-hoc reporting with SIEM tools.
- Must possess a thorough and in-depth understanding of SIEM technologies and event collector deployments in the Windows and Linux operating environments
- Active Top Secret with SCI eligibility
- Experience maintaining an event schema with customized security severity criteria
- Experience creating scheduled and ad-hoc reporting with SIEM tools
- Must possess a thorough and in-depth understanding of SIEM technologies and event collector deployments in the Windows and Linux operating environments
- Good understanding of networking fundamentals.
- Excellent problem-solving capabilities.
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements – US CITIZENSHIP REQUIRED.