Discipline : Information Technology
Industry : IT Security
Primary Responsibilities :
Provide team leadership for data analysis, analytics, and response to event and alert content.
- Analyze security logs, monitoring logs, firewall logs, intrusion prevention system logs, and network logs, and correlate them using a range of database query techniques and tools
- Work with network, host, and user activity data, establishing norms and identifying anomalies
- Work as part of a team that creates content, modifies existing content, and continuously monitors content quality within the logging and monitoring Security Information and Event Management (SIEM) platform
- Work directly with user departments to implement procedures and systems for the protection, conservation and accountability of proprietary, personal or privileged electronic data
- Be proactive investigating incidents and areas of vulnerability
- Thoroughly investigate incidents and analyze the impact, exposure, and scope of the problem
- Provide remediation orders, tactics, and suggestions to resolve incidents and prevent recurrence
- Be able to work on-call rotations in a 24/7/365 environment
- Analyze and develop baselines for related risk using log management tools
- Perform analysis on logs, traffic flows, and other activities to identify malicious activity
- Develop rules that trigger response to malicious activity
- Prepare reports and analyze the findings on malicious activity
- Develop response procedures for addressing potential security threats
- Drive onboarding of new logs into ArcSight
- Work with the security team to create reports and analyze data to effectively present the current security environment
- Stay abreast of the latest monitoring technology and trends
No. of Openings : 1
Qualifications Required :
- BA/BS in information security or computer science, or equivalent experience
- 4-6 years of IT security work experience
- Maintains technical knowledge within areas of expertise
- Stays current with new and evolving technologies via formal training and self-directed education
- 1 or more years of experience leading teams of more than 4 data analysts
Preferred :
- 3-5 years of experience with large-environment SIEM implementations such as ArcSight or QRadar
- Has participated in content development and management
- Additional experience with SIEM products such as ArcSight, QRadar, AlienVault, Splunk or equivalent systems
- Some knowledge of host and network forensic tools and techniques
- Strong knowledge of information security and networking
- Experience with and understanding of attack techniques
- Experience interpreting, searching, and manipulating data within enterprise logging/SIEM solutions
- At least one of the following certifications, or equivalent experience: GCFA, GCIH, GCIA, GPEN, CEH, CISSP, CISM, CCNA, and/or CISA
- Familiarity with security analysis of system logs and network protocols
- Strong problem solving and troubleshooting skills, including the ability to perform analysis and investigation
- Strong written and verbal communication, as well as organizational and documentation skills
- Self-motivated and possessing a high sense of urgency and integrity