Hello Partners,
Find the details of the requirement as below and send me the matching
profiles to ku...@absli.com
*Job Title : Security Information Management (SIM) Engineer*
*Location : Rockville, MD*
*Duration : 1 Year*
*Description :*
*Major Purpose of Job:
*
The Security Information Management (SIM, SEM, SEIM)) Engineer is primarily
responsible for all operational aspects of log aggregation into an
enterprise log monitoring solution in the companys production and QC
computing environments. The ability to configure, test and implement the log
collection over a wide array of platforms and applications including, but
not limited to: Unix, Windows, Firewalls, Intrusion Detection System(IDS),
and database (Oracle and MS SQL Server). Configure the product to alert on a
variety of industry standard and custom security signatures.
**
*Essential Job Functions:
*
The ability to test and document RSA enVision configuration instructions for
a variety of event sources and create company specific implementation plans
for enterprise deployment.
Maintenance of all components of the RSA enVision multiple appliance series
deployment including Application Servers, Data Servers, and Local
Collectors.
Testing and deployment of all Event Source, Signature Content and
Vulnerability and Asset Management (VAM) vendor updates.
Ensuring all necessary components are part of a scheduled backup and testing
the integrity of all backed up files.
Creation of accurate queries and reports on a scheduled and ad-hoc basis.
The ability to translate security requirements into custom correlation
rules.
Configuration of enVision custom alerting.
Participate in scheduled off-hour configuration changes, service outages,
upgrades, and disaster recovery (DR) exercises.
Perform analysis of critical security alerts and escalate to appropriate
teams. Work issues through to resolution.
Documentation of actions taken for audit, regulatory and legal purposes
within approved event tracking system
Create maintain documentation for supported systems.
**
*Other Job Functions:
*
Serve as backup for operational management of enterprise compliance
solution.
Serve as backup for operational management of enterprise Data Loss
Prevention (DLP) solution.
Developing custom scripts to automate tasks.
**
*Education/Experience Requirements: *
*
* Bachelors degree in engineering or information systems.
3-5 years experience working with an enterprise Security Information
Management (SIM) tool such
as RSA enVision, ArcSight, Novell Sentinel or equivalent.
**
*At least 3 years experience in each of the following: *
*
*o Unix Solaris 10
o Linux (RHEL 4/5)
o Windows Server 2K3/2K8
o Oracle 9/10g/11g
o MS SQL Server 2K3/2K5/2K8
**
*1-2 years experience in each of the following: *
*
*o Radius
o ISA Proxy Server
o Cisco Router/Switches
**
Proficient in the operation of network packet analyzer.
CISSP or SANS GIAC certification.
Technical or Security Operations Center (SOC) experience a plus.
Prior experience working in a technical support environment.
Understanding of auditing practices and regulatory requirements.
Experience with Perl, and Unix shell scripting.
--
Regards
Alrek Business Solutions, Inc.
(Formerly Known as ALDON BUSINESS SOLUTIONS, INC)
830 E.Higgins Rd, Suite # 114,
Schaumburg, IL 60173
URL:www.absli.com
Ph: 847-348 0380, 1194
Fax: 847-4138294
Certified Minority Business Enterprise(MBE)
CONFIDENTIALITY NOTICE: This e-mail message including attachments, if any,
is intended only for the person or entity to which it is addressed and may
contain confidential and /or privileged material. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all copies
of the original message. If you are the intended recipient but do not wish
to receive communications through this medium, please so advise the sender
immediately
--
***************************************************************************************
For all SAP related tutorials,Articles,Faqs,Tips
www.sapbrainsonline.com
****************************************************************************************
You received this message because you are subscribed to the Google Groups
"sapbrains" group.
To post to this group, send email to sapbrains@googlegroups.com
To unsubscribe from this group, send email to
sapbrains-unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/sapbrains?hl=en
