Position is on the research staff of a private, not-for-profit government consulting firm headquartered in Tysons, VA. Work will be at client location in Fort Belvoir, VA. The client is PM Army Enterprise Systems Integration Program (AESIP).
Assist with modifying/creating rules to determine that rules are structured correctly and executing as intended.
Leverage the existing ArcSight efforts to provide support in applying solutions to other environments. For example, we would need advice on the solution to connect reports from the operating system (OS), database (DB), and application into the ArcSight tool. Also, provide advice and support, as requested, on planned solutions for OS, DB and SAP.
Patch ArcSight (ESM, Oracle and Smart Connectors)
Ensure ArcSight connectors are running and parsing data properly
Troubleshoot missing system logs – work with administrators/system owners to ensure log flow is reaching ArcSight system
Custom ArcSight parsers to receive non-standard logs
Create ad-hoc and reoccurring ArcSight reports
Create new ArcSight content creation
Advise on best practice for resolving Audit findings
Work with watch officers to improve ArcSight content, reports and consolidate use cases to be more efficient
Train watch officers to understand how ArcSight deals with specific events and best practices for resolutions
Maintain ArcSight system and remove unused content, users, reports, etc.
Create documentation and install new ArcSight software for new ERP ArcSight project (240 hours)
Support (in person) in reviewing ArcSight configuration, rules and reports
5+ years relevant work experience
Security Clearance: For this position, LMI will only consider applicants with a current secret security clearance
Availability to travel from Fort Belvoir, VA to Petersburg, VA.