1. Strong fundamentals of Network Security, SIEM products (Splunk, ArcSight) skills from end to end understanding of the technology
2. Administration experience of Splunk ES App, ArcSight ESM, Logger and ConApp.
3. Strong ability to write correlation content to address complex use cases and build complex reports
4. Installation & configuration of Smart Connectors including Flex connectors
5. Strong understanding of ArcSight CEF, and syslog formats and events in general.
6. Strong varied technical experience with Unix/Linux and Windows, broad range of security devices, scripting knowledge