You will collaborate to define the technical requirements (use cases), install and configure SIEM software, integrate log data sources, create filters, rules, reports and dashboards, and finally test and demonstrate the working system.
The consultant will be expected to produce a high standard of documentation and train customer technical staff as required.
The SIEM technology used will be primarily ArcSight.
A suitable candidate will have varied hands-on technical experience with networking, security technologies, Windows and Linux platforms. They will also need strong interpersonal skills and an appreciation of project management.
- Understanding of TCP/IP networking
- Understanding of security architecture fundamentals
- Building software on Windows and Linux platforms
- Understanding of Windows security and authentication mechanisms
- Understanding of server configuration
- Writing shell scripts
- Regular expressions
Desired technical skills & experience:
- A degree in computer science
- Practical experience and/or certification in one or more SIEM products (ArcSight, Splunk, QRadar, RSA)
- Certification from Microsoft, Cisco, Check Point, Fortinet, McAfee, etc.
- Experience in finance or public sectors
- IT security certification (CISSP, GIAC)
- SC security clearance, with the ability to be cleared to DV level if necessary
Project Specific Deliverables:
- Building Proof of Concept environments.
- In-depth understanding of the production of architecture and design documentation including HLD, LLD and other supporting documents.
- Ability to provide assurance over critical design decisions.
- Advise on the creation of a deployment plan for the project.
- Capability to guide migration of the existing solution to the new platform, including use cases and integration components.
For more information or an informal chat about the role please contact Thom Taylor on or