to support, maintain, and optimize our enterprise Security Information and Event Management (SIEM) environment. The ideal candidate will be responsible for managing ArcSight deployments, developing custom content, tuning correlation rules, and ensuring the SIEM platform delivers actionable insights for threat detection and incident response.
Key Responsibilities
Administer, configure, and maintain ArcSight ESM, Logger, and SmartConnectors.
Develop and optimize use cases, correlation rules, dashboards, and reports to detect suspicious activity and security incidents.
Perform log onboarding and parsing, ensuring data integrity and completeness across integrated sources.
Conduct health checks, performance tuning, and troubleshooting of ArcSight infrastructure.
Collaborate with SOC analysts, incident responders, and threat hunters to enhance detection capabilities.
Ensure SIEM configurations align with security best practices, compliance requirements (HIPAA, PCI-DSS, NIST, etc.), and organizational policies.
Provide documentation, knowledge transfer, and mentoring to junior team members as needed.
Required Qualifications
5+ years of experience working with ArcSight SIEM solutions (ESM, Logger, SmartConnectors).
Strong knowledge of SIEM design, log ingestion, event correlation, and rule tuning.
Proficiency in regular expressions (Regex), filters, and parsers for custom log integrations.
Hands-on experience with Linux/Unix administration and scripting (e.g., Bash, Python, or PowerShell).
Understanding of network security, intrusion detection, firewalls, proxies, and endpoint security.
Familiarity with compliance standards (ISO 27001, NIST, PCI-DSS, HIPAA, etc.).
Excellent troubleshooting, analytical, and communication skills.
Preferred Qualifications
ArcSight Certified Administrator / Analyst or equivalent certification.
Experience integrating ArcSight with threat intelligence platforms, SOAR, or other SIEMs.
Exposure to cloud logging and monitoring (AWS, Azure, GCP).
Previous experience in a SOC or enterprise security operations role.
Job Type: Full-time
Pay: AED350,000.00 - AED400,000.00 per year
Expected Start Date: 01/09/2025