SOC Administrator

Job Description:

We are urgently seeking an experienced ArcSight SIEM Specialist for a UAE-based opportunity. The ideal candidate will be responsible for end-to-end device onboarding, custom parser development, and seamless integration of log sources with the ArcSight SIEM platform.

Key Responsibilities:

• Manage and execute complete lifecycle of device onboarding with ArcSight SIEM.
• Integrate diverse log sources into ArcSight, ensuring optimal data normalization and correlation.
• Develop custom parsers (JSON, XML, Syslog) for unsupported devices.
• Analyze and understand a wide variety of log formats and patterns.
• Maintain documentation and provide support for log source onboarding and parser configurations.
• Collaborate with cross-functional teams to ensure successful deployment and performance optimization.
• Engage with stakeholders to gather integration requirements and provide technical guidance.

Requirements:

• Minimum 6 years of hands-on experience in device onboarding and integration with ArcSight SIEM.
• Proven expertise in developing custom parsers using JSON, XML, and Syslog for ArcSight.
• Strong understanding of ArcSight architecture, components, and data flow.
• Solid knowledge of various log formats and security data sources.
• Excellent problem-solving and communication skills.
• Experience in a telecom environment is a strong advantage.