Sorry, this job is no longer available.

ArcSight SIEM Engineer

Service:  Risk Advisory  
Job Type:  Permanent 
Primary Location: Toronto, Ontario, Canada 
All Available Locations: Toronto 

External Posting Description

The candidate will be involved on professional services engagements to support the requirements gathering, deployment, configuration, integration and tuning for SIEM Software and appliances as well as other SIEM technologies as required.



  • Support during presales opportunities and participates on Proof of Concept and Pilot engagements.
  • Perform use case development, SIEM architecture, design, and capacity planning
  • Deploy ArcSight ESM, Loggers, Smart Connectors, Flex Connectors.
  • Perform ArcSight SIEM platform performance health checks, tuning and optimization.
  • Integrate log sources into SIEM (ArcSight) technologies.
  • Performing content and filter development to identify data, and events of interest.
  • Configure standard and custom alerting, correlation and notifications.
  • Develop standard and custom reports to support customer requirements, including compliance-driven reporting.
  • Provide quality knowledge transfer documentation and training for customers.


External Posting Qualifications

Recommended Knowledge:

  • Strong knowledge of SIEM functional and design concepts across entire information management lifecycle.
  • Hands-on deployment and configuration experience with ArcSight components within medium and large enterprises.
  • Demonstrated experience to support the listed candidate responsibilities.
  • Strongly preferred vendor certifications:
    •  ArcSight ESM Security Analyst and/or ArcSight ESM Integrator/Administrator
  • Linux and enterprise systems (Hardware) administration with a security focus
  • Knowledge of Splunk and QRadar would be an asset


Industry information security certifications an asset:

  • Government of Canada security clearance, an asset.


Required Skills & Abilities:

  • Demonstrates a high level of self-motivation and accountability on technical projects in a highly competitive environment to ensure timely execution, clear communication of risks, and delivery with limited direct supervision.
  • Exercises and exhibits leadership by planning, organizing, scheduling, coordinating the work of others; providing advice, guidance, direction; developing repeatable work methods, standards and other internal procedures.
  • Resolves problems that are diversified and complex and frequently involve new issues that may not have been encountered before.
  • Makes timely and logical decisions in analyzing diverse information streams, evaluating options and formulating recommendations in order to resolve problems.
  • Committed to continuous personal development to maintain and enhance technical security knowledge.
  • Some travel may be necessary to support customer projects.


Required Experience:

  • Minimum 3 years in information technology industry.
  • Minimum 3 years focus in information security.
  • Preferred 2-3 years hands-on ArcSight deployment and integration experience.

Deloitte is an inclusive employer dedicated to building a diverse workforce.  We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective provincial human rights codes throughout all stages of the recruitment and selection process. Please advise the Recruiter to ensure your accessibility needs are accommodated throughout this process.  Information received relating to accommodation will be addressed confidentially.

We thank all applicants in advance for their interest; however, only those candidates selected for an interview will be contacted.

Full time
Toronto, 08 M5C 3G7, CA