ELK SIEM Consultant (Remote)

April 28, 2021
Remote, FL

Migrating away from ArcSight to FireEye Helix, with the plan to decommission ArcSight. Assist in migrating all security log sources off ArcSight and onto Helix via Kafka to facilitate the decommissioning of ArcSight.

Detailed Description of the Services:

This work is to be performed under the direction of the client's project sponsor and/or their defined delegates. It is expected that the consultants collectively will have expertise in the following skills and technologies:

  • Thorough understanding of SIEMs in an enterprise
  • Expertise in SIEM delivered through a SOC function
  • Deep understanding of pre-parsing, parsing, filtering, and delivering logs to a SIEM
  • Logstash
  • Kafka
  • Elasticsearch
  • Splunk
  • Ansible
  • NXLog
  • ECE
  • ELK stack
  • GitHub
  • Automation
  • DevOps
  • Scripting
  • Python
  • Data lake
  • Security log collection experience

Perform the following tasks during the engagement:

  • Support reviewing and prioritizing all log sources to configure the appropriate events to send to Kafka
  • Identify parsing and filtering requirements of log sources
  • Analyze large volumes of log data in data repositories and SIEMs in order to define filter requirements
  • Support the data engineering activities for ArcSight ESM to Kafka