SIEM Connector Solutions Engineer

Role : ArcSight Flex Connector Developer

Desired Experience Range : 4-10 Years

Location of Requirement : Pune & Hyderabad

Required Technical Skill Set :

• knowledge of ArcSight SmartConnectors, FlexConnector Framework, and ArcSight Platform
• Familiarity with regular expressions (regex) for parsing custom logs.
• Experience with log onboarding, parsing, and normalization processes.
• Log analysis (Analyst)
• Integration of different types of log sources
• Experience creating FlexConnector parsers using : Syslog, multi-line parser, Key-Value, Regex, JSON, XML, Database
• Solid understanding of :
• CEF (Common Event Format)
• ArcSight Event Schema and Field Mapping
• Device / Product Event Categorization
• knowledge of Linux / Unix systems and basic scripting.

Must-Have Skills

Responsibility of / Expectations from the Role

1.Design, develop, and deploy ArcSight FlexConnectors for custom log source integration.

2.Analyse and understand new log source formats (syslog, flat files, APIs, etc.).

3.Create parser files (. sdkkeyvaluefilereader, .Sdkrfilereader, .Sdkrfilereader.Properties, etc.) based on log source requirements.

4.Validate and test connector parsing using ArcSight connector appliance or standalone SmartConnector.

5.Work closely with SOC analysts to ensure accurate mapping of fields to ArcSight data model.

6.Troubleshoot and resolve parsing and event categorization issues.

7.Maintain FlexConnector documentation, use cases, and deployment guides.

8.Collaborate with SOC / Ops teams to onboard new log sources into the SIEM platform.