Splunk Administrator

Security Irvine, CA


Description

Blizzard Entertainment is looking for a talented and motivated Splunk Administrator to join its ranks in Irvine, CA.

You will have a solid understanding of large-scale Splunk environments responsible for collecting, parsing, and analyzing data from a wide variety of applications, systems, services, and architectures.

You must have experience deploying and maintaining a Linux-based Splunk Enterprise Security deployment, along with Splunk forwarders and syslog servers.

Responsibilities

  • Administer Blizzard Entertainment’s Splunk Enterprise systems, including clustered indexers, search heads, and forwarders
  • Identify potential threats and malicious behavior in security logs; develop methods to improve monitoring capabilities and build new Splunk alerts
  • Discover new use cases from the Global Security Operations Center (GSOC) and develop Splunk dashboards, searches, and alerts to fulfill them
  • Integrate new data sources, applications, and technologies with Splunk
  • Maintain security documentation for Splunk-related systems
  • Provide Splunk user training to employees at all opportunities

Technical requirements

  • Experience in the administration of a Splunk Enterprise cluster
  • Understanding of back-end Splunk configurations and Search Processing Language (SPL)
  • Ability to normalize disparate logs from different systems in multiple formats to paint a cohesive picture of events occurring within the environment
  • Knowledge of enterprise network security technology, appliances, and tools
  • Basic scripting and automation proficiency (e.g., Python, Perl, BASH, Go, etc.)
  • A minimum of 2 years’ experience in security focusing on SIEM or log aggregation and correlation, with at least 1 year of Splunk experience and 3 years of overall enterprise IT experience

You will also possess most, if not all, of the following

  • Excellent communication capabilities
  • Excellent collaboration and interpersonal skills
  • Exceptional time management skills
  • Strong analytical skills
  • Ability to work in a dynamic work environment
  • Persistent self-motivation, initiative and attention to detail

Pluses

  • Splunk certified administrator certifications
  • CISSP or equivalent security certifications
  • Linux certifications (RHCA, RHCE, LPIC, or GIAC GCUX)
  • Experience with configuration management systems (e.g. Ansible, Puppet, Chef, etc.)
  • Experience with version control systems (e.g. Git, SVN, Perforce, etc.)
  • Experience with rsyslog, syslog-ng, and Splunk HTTP Event Collection (HEC)
  • Real passion for video games and most importantly, safeguarding them!
  • Include a cover letter that tells us why you’re interested in Blizzard and what games you’re currently playing!