SIEM Administrator--ArcSight at i2vision
Remote, Oregon, USA
Full Time


Start Date

Immediate

Expiry Date

07 Dec, 25

Salary

50.0

Posted On

08 Sep, 25

Experience

3 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Splunk

Industry

Information Technology/IT

Description

Experience:

  • SIEM Administration: 8 years (Required)
  • Splunk: 8 years (Required)
  • ArcSight: 3 years (Required)

Responsibilities

  • SIEM Administration & Maintenance
      • Install, configure, and maintain ArcSight components (ESM, Logger, SmartConnectors, Console, ArcMC).
      • Manage ArcSight SmartConnectors: deployment, configuration, upgrades, and health monitoring.
      • Perform system upgrades, patch management, and daily operational checks.
  • Monitoring & Incident Handling
      • Monitor ArcSight infrastructure availability, performance, and event flow.
      • Troubleshoot connector failures, parsing issues, and event ingestion delays.
      • Collaborate with SOC teams for incident triage and investigation support.
  • Log Management & Onboarding
      • Onboard new log sources into ArcSight, including parser tuning and validation.
      • Ensure log integrity, normalization, and enrichment.
      • Maintain log retention policies and compliance requirements.
  • Rule, Dashboard, and Report Management
      • Create and optimize correlation rules, filters, queries, and dashboards.
      • Develop and maintain automated reports and alerts for security monitoring.
      • Perform rule tuning to minimize false positives and improve detection accuracy.
  • Performance & Optimization
      • Monitor system performance and capacity utilization.
      • Fine-tune configurations for scalability and efficiency.
      • Conduct root cause analysis for recurring system or connector issues.
  • Security & Compliance
      • Ensure the ArcSight environment aligns with security best practices and audit requirements.
      • Support compliance use cases (ISO, PCI-DSS, HIPAA, SOC2, etc.).
      • Maintain proper access controls and segregation of duties.
  • Documentation & Knowledge Transfer
      • Maintain SOPs, architecture diagrams, and operational runbooks.
      • Provide knowledge transfer sessions to SOC analysts and team members.

Job Type: Contract
Pay: $50.00 per hour
Expected hours: 40 per week

Work Location: Remote
