Arcsight Specialists Jobs Vacancy in Cgi Ottawa
Cgi Ottawa urgently required following position for Arcsight Specialists. Please read this job advertisement carefully before apply. There are some qualifications, experience and skills requirement that the employers require. Does your career history fit these requirements? Ensure you understand the role you are applying for and that it is suited to your skills and qualifications.
Follow the online directions, complete all the necessary fields, and provide all relevant information so your application is submitted correctly. When you click the 'Apply this Job' button (open in new window) you will be taken to the online application form. Here you will be asked to provide personal and contact details, respond to employment-related questions, and show how you meet the key selection criteria.
Arcsight Specialists Jobs Vacancy in Cgi Ottawa Jobs Details:
Contract Duration: Feb 26 - end of August with possibly an extension
Location: Ottawa Downtwon
The ArcSight Specialists is to assist with the review of the current ArcSight environment, identify performance issues and root causes, and implement corrective measures. The third-party ArcSight specialists will work with the Project Architecture team to validate the design, assess corrective measures, and be responsible for the implementation of measures as per the approved architecture and design.
Your future duties and responsibilities:
The Resources will be responsible for the following:
1. Data sanitization activity
Inventory device vendors and device products by network
Prioritize sanitization efforts by device vendor and product (BoC driven)
Develop standard taxonomy based on ArcSight CEF that can easily be ported to other platforms (e.g. ELK)
Identify specific data labelling requirements to facilitate DFIR
Identify gaps/issues to map sources into taxonomy
Identify events that can be filtered or aggregated to reduce load while maintaining security SA
Prepare parser over-rides, map files, sub-agents, and flexconnector configuration files as required to normalize events into standard taxonomy
Implement and parser over-rides, map files, sub-agents, and flexconnector configuration files
Develop SOPs for the maintenance of parser over-rides, map files, sub-agents, and flexconnector configuration files
2. ArcSight tuning
Review existing ArcSight environment (SmartConnectors, Loggers, ESM)
Identify performance issues and root causes (e.g. memory, variables, event rate, disk I/O)
Identify performance requirements (e.g. search speed)
Where practical implement corrective measures to improve performance - this may include changing the system configuration and/or workflows to achieve performance goals
Make recommendations to address remaining gaps (e.g. add hardware, software)
3. Implement ArcSight Activate Framework (Activate)
Review and validate current use cases (e.g. remove deprecated use cases)
Install the Activate Technology
Transition/implement current use cases under Activate
Test the newly created use cases
Remove any remaining non-Activate use cases
Required qualifications to be successful in this role:
A minimum of ten (10) years of experience in the field of information and IT security
A minimum of five (5) years of experience in the deployment, implementation and operations of ArcSight Security Information and Event Management (SIEM) systems, including working with various components such as SmartConnectors, Loggers and ESM
In depth knowledge and experience in the installation and configuration of the ArcSight Activate Framework
Demonstrated ability to make use of the Activate Framework and its methodology to develop use cases
Demonstrated ability to review and analyze SIEM implementations, to recommend and implement remediation measures in the context of data feeds rationalization and SIEM clean- up
CISSP or GIAC certification with knowledge of NIST 800-53, ITSG-33 will be considered an asset
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this changesupporting our clients digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com.
No unsolicited agency referrals please.
CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.
Have you been referred by a CGI Member for this position?*