ArcSight Analyst/Forensic Analyst - Mid-Level

ArcSight, Forensic, Security, Networking, MAC, Linux, Perl, SIEM, ESM, Python, Carbon Black, Bit9, F-Response
Full Time, Contract Independent, Contract W2, 8+ Months Contract
Telecommuting not available. Travel not required.

Job Description

Title: ArcSight Analyst/Forensic Analyst - Mid-Level

Location: Arlington, VA

Duration: 8+ Months Contract

Note: The client is looking for analysts, not engineers, and candidates should have a forensic background.

Job Description:


  • Our client has an enterprise initiative to gather and translate data collected from network devices, in combination with various ArcSight products and forensic tools.
  • The goal of this initiative is to collect, process, preserve, and present digital evidence, delivering an accurate analysis that will address the needs of the incident response team and assist the SIOC team, HR, and Legal in property-crime and cybercrime-related investigations.
  • The role will be a key contributor to the success of this initiative.
  • The analyst will work as part of a team, working closely with business and IT technical team members.
  • The ideal Mid-Level ArcSight Analyst/Forensic Analyst candidate will have a good understanding of enterprise security coupled with hands-on networking and security skills, best-of-breed forensic toolkits, Windows, Mac and Linux operating systems, formal chain-of-custody practice, and the ability to write and understand scripting languages such as Perl.

Duties & Responsibilities:

The Mid-Level ArcSight Analyst/Forensic Analyst must take ownership of projects, tasks and issues and work them through to completion.

The successful candidate for this position will work with the team and will:

  • Research, analyze and understand log sources, particularly from various devices in an enterprise network
  • Appropriately categorize the security messages generated by various sources into the multi-dimensional ArcSight normalization schema
  • Write and modify scripts to parse out messages and interface with the ArcSight categorization database
  • Write scripts and automation to optimize the various processes involved
  • Understand content for ArcSight ESM, including correlation rules, dashboards, reports, visualizations, etc.
  • Understand requirements to write content to address use cases based on customer requests and feedback
  • Provide back-up support to existing analysts
  • Support the development of this cross functional team to deliver clear and succinct documentation on processes and procedures
  • Provide on-call support as needed

Requirements & Qualifications:

  • 2+ years' experience with a Security Information and Event Management (SIEM) solution such as ArcSight ESM is required
  • 2+ years as an ArcSight Security Analyst
  • Hands-on experience scripting with Perl or Python
  • 2+ years working as a Security Engineer
  • 2+ years working as a Forensics Analyst
  • Excellent knowledge of forensic operations, administration and security
  • Experience examining logs and output from enterprise network devices and from applications hosted in these environments
  • Ability to quickly and accurately identify the meaning and severity of these log messages
  • Experience using Carbon Black and Bit9 as well as F-Response
  • Experience performing endpoint forensics and malware analysis
  • Demonstrated technical understanding and knowledge appropriate to the role
  • Ability to provide on-call support as needed

BS/MS in Computer Science or 3+ years of equivalent experience in IT Security

Posted By

Kiran Thatipally

3569 Habersham At Northlake, Bldg K Tucker, GA, 30084

Dice Id : capricor
Position Id : 387733
