Enable job alerts via email!
Arcsight Admin- Siem
Wipro
Johannesburg
On-site
ZAR 600 000 - 800 000
Full time
2 days ago
Be an early applicant
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A global IT consulting firm is looking for an experienced ArcSight Admin to be based in Johannesburg, South Africa. The role requires a strong background in SIEM ArcSight content development and platform engineering with a minimum of 6 years of experience. Responsibilities include maintaining the ArcSight platform, integrating log sources, and collaborating with threat hunters. Candidates must have ArcSight certification and relevant security certifications like CEH or CISSP. This is a full-time position with a focus on IT services.
Qualifications
- 6+ years in SIEM ArcSight content development & platform engineering.
- Hands-on SOC experience in developing & fine-tuning SIEM custom content.
Responsibilities
- Administer & maintain ArcSight platform.
- Log source integration, data enrichment, asset mapping.
- Fine-tune correlation rules using threat modeling.
- Deploy use cases mapped to MITRE framework.
- Collaborate with Threat Hunters & CSIRT.
- Create SOPs, IoC databases, proactive threat hunting.
- Provide logs for CSIRT & forensic services.
Skills
ArcSight certification
Security certifications (CEH, SANS, OSCP, CISSP)
Knowledge of compliance (PCI, SOX, GDPR)
Job description
ArcSight Admin – SIEM
Wipro – City of Johannesburg, Gauteng, South Africa
Role
SIEM ArcSight SME / Admin (Onsite, Johannesburg)
Experience
- 6+ years in SIEM ArcSight content development & platform engineering
- Hands-on SOC experience in developing & fine-tuning SIEM custom content
Required Skills
- ArcSight certification
- Security certifications (CEH, SANS, OSCP, CISSP)
- Knowledge of compliance (PCI, SOX, GDPR)
Key Responsibilities
- Administer & maintain ArcSight platform
- Log source integration, data enrichment, asset mapping
- Fine-tune correlation rules using threat modeling
- Deploy use cases mapped to MITRE framework
- Collaborate with Threat Hunters & CSIRT
- Create SOPs, IoC databases, proactive threat hunting
- Provide logs for CSIRT & forensic services
Employment Details
- Seniority level : Mid-Senior level
- Employment type : Full-time
- Job function : Information Technology
- Industries : IT Services and IT Consulting
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Michael Carter
I was stuck sending out resumes with no response until I used JobLeads. They made my resume impossible for recruiters to ignore.
Sophie Reynolds
JobLeads' resume review helped me fix critical mistakes, and I started getting interviews almost immediately!
Daniel Fischer
With JobLeads' resume review, my resume went from overlooked to interview-ready in no time!