Security information and event management Content Engineer (SIEM)

Philadelphia, PA

Job Description:

The core competency part is at the bottom; it speaks about:

Summary
The SIEM Content Engineer will serve as the principal engineering resource and will be responsible for the care and content of the ArcSight SIEM platform. The SIEM Content Engineer will manage the lifecycle of detection content (use cases), which presents monitoring and alerting content to the Security Incident Response Team (SIRT). The SIEM Engineer will have a positive impact on the security organization and shape the way the enterprise views the threat landscape.
Core Responsibilities
An ideal candidate will be able to apply their knowledge of the security threat landscape to design detection and alerting content within ArcSight to be leveraged by the SIRT. You will be required to work closely with the various internal service towers as well as application security teams on design and content, to facilitate the use of the system, and to support the SIRT and their security incident identification processes and escalation workflow.
Additional responsibilities include
• Use case requirement gathering
• Work alongside a third party to create correlation rules based on identified requirements
• Integrate IOC threat feeds into the ArcSight platforms
• Fine-tune existing correlation rules to maximize their effectiveness
• Cyclical evaluation of SIEM content to enhance detection capabilities

Skills and Abilities
• Experience with Log Format and Source Data for SIEM Analysis. 
• Implementation of SIEM Service and Design of SIEM Source Data experience
• Understanding of networking fundamentals. 
• Solid background with Windows and UNIX platforms
• Strong documentation, excellent communication and exceptional problem-solving skills.
• Demonstrated ability to drive process improvements and identify gaps. 
• Proactive in engaging with stakeholders for effective use case requirement gathering 
• Proven ability to excel in a team, as an individual, in a dynamic environment and still meet deadlines. 

Education Level: Bachelor’s Degree
Field of Study: Information Technology, Computer Science, Computer Engineering, Telecommunications or related field.
Certifications Desired: CISSP
Years’ Experience: Requires 5+ years of related experience.
Compliance: Comcast is an EEO/AA/Drug Free Workplace.

The SIEM Content Engineer will serve as the principal engineering resource and will be responsible for the care and content of the ArcSight SIEM platform.

Core Competency:
HP ArcSight experience, including in-depth knowledge of use-case development/alerting, custom reporting, and log analysis/assessment.

Position Comments:

Successful Traits:
• Exceptional Communication Skills. Able to write concise documentation.
• Diplomacy. Able to present counter opinions or difficult topics in a tactful way. 
• Root cause analysis and problem-solving skills.
• Strong Organizational and Project Management Skills.
Nice to Haves:
• Knowledge of Comcast Technology, organizations, people, processes, culture, and systems.
• Proven success engaging stakeholders in continuous change and workflow improvement.
• Ability to understand and support business operational functions.


Key Skills:

  • HP ArcSight, SIEM, content