
ArcSight ESM Subject Matter Expert in Rome, NY at Booz Allen Hamilton Inc.

Date Posted: 3/13/2019

Job Description

Job Number: R0031272

ArcSight ESM Subject Matter Expert

Key Role:
Apply expertise in ArcSight ESM to conceptualizing, designing, and building secure technical solutions, including operationally viable and efficient applications, systems, architectures, and infrastructure. Direct the design and innovative integration of Cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture while reducing manpower requirements. Lead the analysis of emerging technologies and design and build architectures and solutions to enable the secure implementation of new technologies. Analyze threat information gathered from logs, intrusion detection systems (IDSes), intelligence reports, vendor sites, and a variety of other sources. Create customized dashboards using the Security Information and Event Management (SIEM) tool and use ArcSight Event Security Manager (ESM) to elevate high threat items to incident responders. Develop ESM rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining. Research, plan, install, configure, troubleshoot, maintain, and back up all components in the ArcSight Enterprise Log Management (ELM) architecture.

Basic Qualifications:
-8+ years of experience with IT
-Experience with creating custom dashboards and reports using threat data in ArcSight ESM
-Experience with the integration and sustainment of ArcSight ESM and its components
-Experience with managing Continuity of Operations (COOP) between sites and hubs
-Experience with the correlation of log event collection across sites within an enterprise
-Knowledge of log management and SIEM tools usage and architecture
-Active TS/SCI clearance
-BA or BS degree
-Ability to obtain Computing Environment: Linux+ or ArcSight Administrator Certification

Additional Qualifications:
-Knowledge of administration for the ArcSight ESM and backend database infrastructure related to upgrades and daily maintenance
-BA or BS degree in Engineering, CS, Information Security, or Information Systems preferred

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

