Job Description:
We are urgently seeking an experienced ArcSight SIEM Specialist for a UAE-based opportunity. The ideal candidate will be responsible for end-to-end device onboarding, custom parser development, and seamless integration of log sources with the ArcSight SIEM platform.
Key Responsibilities:
- Manage and execute the complete lifecycle of device onboarding with ArcSight SIEM.
- Integrate diverse log sources into ArcSight, ensuring optimal data normalization and correlation.
- Develop custom parsers (JSON, XML, Syslog) for unsupported devices.
- Analyze and understand a wide variety of log formats and patterns.
- Maintain documentation and provide support for log source onboarding and parser configurations.
- Collaborate with cross-functional teams to ensure successful deployment and performance optimization.
- Engage with stakeholders to gather integration requirements and provide technical guidance.
Requirements:
- Minimum 6 years of hands-on experience in device onboarding and integration with ArcSight SIEM.
- Proven expertise in developing custom parsers using JSON, XML, and Syslog for ArcSight.
- Strong understanding of ArcSight architecture, components, and data flow.
- Solid knowledge of various log formats and security data sources.
- Excellent problem-solving and communication skills.
- Experience in a telecom environment is a strong advantage.