Capgemini · 3 days ago
Senior Data Analyst
Consulting · Information Technology
Responsibilities
Responsible for management of security event traffic, appliances, and loggers.
Provide onsite Insider Threat support services, including immediate investigation and resolution
Provide assistance to other personnel to ensure cross-training while maintaining continuous performance
Plan, install, and administer ArcSight products to include ArcSight Loggers, Connector Appliances, ESM, Management Center and Software Connectors
Troubleshoot and resolve issues quickly on all platforms to ensure log management and incident response capabilities are maintained
Create and maintain detailed documentation of all ArcSight configurations and integrations
Work with Business Users to understand logging, incident identification, and compliance requirements
Translate requirements into ArcSight content such as rules, reports, dashboards, alerts, etc.
Work with System and Network Admins to understand all enterprise platforms and develop a plan to integrate all required logs into ArcSight. This includes mapping these platforms to business requirements and analyzing the events from each platform to validate event output and feed all ArcSight Content Development activities
Work with Analysts to create content to help automate the identification and reporting of incidents, compliance reports, events of interest, etc.
Review open-source threat feeds such as SANS and McAfee to stay current on the latest threats, and validate and integrate the event sources required to identify events of interest surrounding this information
Create and maintain all content on all ArcSight platforms, including all rules, filters, active channels, reports, dashboards, queries, etc. for all use cases, and ensure all content is backed up on a regular basis
Develop Flex Connectors to integrate legacy or unsupported applications and platforms into ArcSight
Manage the Enterprise Auditing requirements based on ICS 500-27
Qualification
Required
U.S. Citizenship
Must have an active TS/SCI clearance (or SCI eligible)
BS in Computer Science, Management Information Systems, or related field is desirable; an advanced degree or additional equivalent experience is also desirable
Current IAT Level III certification
Minimum of 6 years providing security alert event configuration and management; continuous monitoring of multiple security technologies (such as IDS/IPS, syslog, file integrity, vulnerability scanners); correlating and analyzing events; and designing, implementing, tuning, and using the ArcSight SIEM tool to detect IT security incidents
Knowledge of information security standards, rules and regulations related to information security and data confidentiality with desktop, server, application, database, network security principles for risk identification and analysis
Preferred
Subject Matter Expert (SME) with ArcSight software with certification or documentation of training in ArcSight
Benefits
Flexible work
Healthcare including dental, vision, mental health, and well-being programs
Financial well-being programs such as 401(k) and Employee Share Ownership Plan
Paid time off and paid holidays
Paid parental leave
Family building benefits like adoption assistance, surrogacy, and cryopreservation
Social well-being benefits like subsidized back-up child/elder care and tutoring
Mentoring, coaching, and learning programs
Employee Resource Groups
Disaster Relief
Company
Capgemini
Capgemini provides consulting, technology, and digital transformation services.
Funding
Current Stage: Public Company
Total Funding: unknown
IPO: 1999-04-01 · epa:CAP
Company data provided by crunchbase