Leidos Defense and Intelligence Group is seeking an ArcSight Engineer and specialist to support the DoD's JRSS (Joint Regional Security Stack) deployment activities, a multi-year, global effort to improve the DoD's security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing network security into regional stacks rather than locally distributed appliances. Work will be performed on site at Scott Air Force Base (AFB), IL.
In this role, you will act as the senior support person for ArcSight, performing work on Loggers, Connectors, ESMs, and ArcMCs. In this capacity you will work as part of a multi-disciplinary team that supports the active and passive Computer Network Defense (CND) tools deployed in regional stacks. You will also integrate with other technical teams, with DISA personnel, with vendor technical support personnel, and with technical representatives from DoD services.
You must have an active Secret clearance to begin work on this program and must be eligible to obtain Top Secret clearance per contract requirements.
EDUCATION & EXPERIENCE:
Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 14 years or more of professional experience; or 12 years of professional experience with a related Master's degree or equivalent work experience.
To be successful in this role, you should be skilled in the following ArcSight tasks:
Installing and configuring the tools (including ArcSight ESM, Connectors, etc.)
Integrating the tool for enterprise data collection to include capacity monitoring.
Configuring the tools to work with Syslog, File and Database collection of events.
Creating and editing content to both monitor and alert on security incidents.
Providing guidance on both internal and external customer issues and supporting tickets.
Monitoring the tool's health and performance.
Tuning system parameters to enhance/improve system performance.
Providing Tier 2/3 troubleshooting for ArcSight issues, either within the tool or as part of an integrated team of professionals addressing larger issues.
Assisting other JRSS teams that perform lifecycle O&M on the tools by acting as tool expert.
Configuring, troubleshooting, and monitoring event flows, including the integration of source tool data into ArcSight's SIEM for use by cyber intrusion analysts.
Providing "on the job training" to less experienced JRSS, DISA or DoD Services' team members.
Acting as the senior subject matter expert on the tool for interactions with other teams.
Developing documentation to support the mission.
Must hold active Secret clearance and be eligible to obtain Top Secret clearance per contract requirements.
Additionally, to be a successful fit for this assignment you should:
Be well versed in TCP/IP communications and in Unix server construction, configuration, and maintenance.
Have a general knowledge of router and firewall functionality on a network.
Be familiar with the MS Office tool suite.
Have excellent written and oral communications skills and be able to appropriately present highly technical material to both technical and non-technical audiences.
Possess an active DoD Secret clearance. In addition, you must be able to successfully obtain up to Top Secret based on requirements from the customer and program.
Possess current DoD 8570 IAT Level II certification per program requirement.
External Referral Eligible