ArcSight Network Architect

Information Technology | Fort Huachuca, Arizona | Job ID: 2017-716


Description

Join STG, Inc. and watch your career soar as a Sr. ArcSight Network Architect supporting the Regional Cyber Center - CONUS (RCC-C) at Fort Huachuca in Sierra Vista, AZ.

As a member of our Computer Network Defense (CND) team, this position will be responsible for operating and maintaining instances of ArcSight Enterprise Security Manager (ESM), Kafka, ZooKeeper, Logstash and related databases and systems.

Responsibilities:

  • Configure, troubleshoot, maintain and back up all components in the ArcSight Enterprise Log Management (ELM) architecture.
  • Analyze threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and a variety of other sources.
  • Create customized dashboards using the Security Information and Event Management (SIEM) tool ArcSight Enterprise Security Manager (ESM) to elevate high-threat items to incident responders.
  • Support the development of ESM rules, reports, dashboards, data monitors, active channels, trends and use cases to identify threats and optimize data mining.
  • Perform a variety of related project tasks in support of specialized CND missions.
  • Apply analytical and systematic approaches in the resolution of problems of work flow, organization, and planning.
  • Provide support for planning, design, development, testing, demonstration, and integration of information systems.
  • Work with peers in other groups to ensure collaboration for shared goals.
  • Share knowledge and experiences, promoting cross-training to reduce mission silos and single points of failure within organizational processes and functional areas.

Minimum Qualifications:

  • HS +6 or AA/AS +4 or BA/BS +2 years specific or related experience with Department of Defense IA, IS, or IT equipment, systems and/or networks. (College degree may be considered in lieu of experience)
  • Security+ CE or DoD 8570 IAT II certification at start.
  • Certified Ethical Hacker (CEH) or DoD 8570 CNDSP-IS equivalent within 60 days.

Technical Skills:

  • Experience maintaining Linux operating systems, preferably in a DoD security environment.
  • Technical knowledge of the ArcSight ESM and backend infrastructure related to upgrades and daily maintenance is essential.
  • Experience creating custom dashboards and reports in ArcSight ESM using threat data.
  • Experience in the integration and sustainment of ArcSight Connector Appliance, Logger components, and open source tools.
  • Experience writing scripts to resolve routine and advanced challenges (e.g. shell scripts, regex, SQL queries).

Non-Technical Skills:

  • Understanding of ITIL processes and principles.
  • Communicate effectively in both oral and written forms with users and office staff.
  • Establish and maintain cooperative working relationships with those contacted during the course of the work day.
  • Willing to work overtime, after hours, holidays, and weekends as necessary.
  • Ability to obtain and maintain Secret-level security clearance.

Clearance:
Secret

The employment policy of STG, Inc. is to provide equal employment opportunity for all qualified employees and applicants without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status and to ensure affirmative action is taken in fulfillment of this policy.