ha.ckers sla.cking
Ever wanted to work as a "chief hacker" or "security evangelist"? This is a place to post jobs or ask for work. Over time as I hear about job offers, we can consolidate them into this board.
ArcSight Deployment Engineer
Posted by: Knowledgecg
Date: April 02, 2007 02:23PM

ArcSight Engineer
San Antonio, TX

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Secret clearance is required.

Must possess experience with ArcSight. Preferably experience developing customized rules.

Thorough understanding of the most commonly used ports and research lesser-known ports (ports that NSD normally sees)

Know the type of traffic that should be seen into and out of the most commonly used ports and be able to identify deviations from the norm
Thorough understanding of network protocols
Thorough understanding of routing
Recommend improvements to AF security policies
Make recommendations for TCNO and NOTAM that should be generated
Recommend improvements to computer security and understand the impact of the change

Understand advanced hacking techniques
Thorough understanding of commonly used AF network services - DNS, mail, web, etc. as well as less common network services

Perform in-depth log analysis
Perform packet analysis and be able to identify malformed packets
Be able to analyze the payload of the packet

Define the relationship between seemingly unrelated events
Recommend new ArcSight knowledge base and reference pages
Perform advanced queries of NSD historical and reference databases
Create rules and modify filters in IDS and ArcSight
QC and release reports

Understand differences between various operating systems - which OS an event came from and which OS is vulnerable to a certain attack
Primarily analyzes traffic that is more than 24 hours old
Provide trend analysis

Reanalyze all data using asymmetric analysis techniques
Performs same functions as Correlation Analyst on historical data
Analyze traffic and ID events not found by correlation rules
Determine if new correlated file meets incident criteria, create case and pass to Mission Director for further review and action
Develop new correlation rules

Refine current correlation rules
Control ArcSight agent configuration
In event of surge, will become Research or Initial Analyst

Must possess experience with ArcSight.

Please respond by emailing a word version of your resume and salary information to
