SIEM Content Engineer

  • DXC Technology
  • Plano, TX, USA
  • Nov 17, 2018
Full time Other

Job Description

The DXC Technology Managed Security Services (MSS) team is looking for a candidate with a senior-level background in ArcSight content development. The ArcSight Content Developer is critical to the continued success of DXC MSS, and this skill set is needed for us to deliver the services that we currently support.

Location: Remote

This job role requires the engineer to be on call.

Role Responsibilities

  • General knowledge and engineering experience surrounding various device types to include: NIDS/NIPS, HIDS/HIPS, FIM, Unix/Linux, Windows Active Directory, Firewalls, Routers, Switches, Network Load Balancers, and Security Applications.
    • It is preferred that the candidate has been an SME for one or more of these device types.
  • Proven ability to effectively communicate with project stakeholders (Client, PMs, and technical staff).
  • Thorough understanding of all ArcSight Components including:
    • ArcSight Smart Connectors
    • ArcSight Enterprise Security Manager (ESM)
    • ArcSight Logger
  • Experience designing, implementing, and testing various SIEM solutions.
  • Thorough understanding of the event lifecycle as it pertains to the ArcSight product suite.
  • Knowledge and insight into various Attack Lifecycle models.
  • Experience with the Common Event Format (CEF).
  • Understanding of ArcSight Content development best-practices.
  • Understanding of ArcSight package creation and bundling processes.
  • Ability to create and troubleshoot regular expressions in custom parsers and within ArcSight FlexConnector configurations.
  • Previous experience with event analysis and incident response is also preferred.

EDUCATION & EXPERIENCE

• Bachelor’s degree in computer science, engineering, or a related area of study preferred, or equivalent experience (typically 6+ years of relevant experience) and certifications

KNOWLEDGE & SKILLS

  • In-depth Cyber and IT security knowledge
  • In-depth understanding of Cyber and IT security risks, threats and prevention measures
  • In-depth secure system architecture and infrastructure design and development skills
  • In-depth HA system and Linux skills
  • In-depth skills in relevant program/scripting languages
  • In-depth understanding of security standards and best practices
  • In-depth risk assessment and management skills
  • In-depth understanding of networking and network security
  • In-depth knowledge of relevant security tools and products
  • In-depth project management skills

About DXC Technology

Thanks for taking the time to review our job. If you think it is a match for your experience and interests, please apply today; we are eager to learn more about you! If you know a friend who may be a fit for the job, please refer them.

Please note the above statements describe the general nature and level of work only. They are not a complete list of all required responsibilities, duties and skills. Other duties may be added, or this description amended at any time.

Please Note

In order to satisfy our contractual obligations with clients, the successful candidate will be required to pass a basic, standard Criminal Records check. You will also be required to sign off on DXC’s Confidentiality, Non-Solicitation and Conflict of Interest Agreement.

DXC is an equal opportunity employer. We welcome the many dimensions of diversity.

Accommodation of special needs for qualified candidates may be considered within the framework of the DXC Accommodation Policy.