Blizzard Entertainment is looking for a talented and motivated Splunk Administrator to join its ranks in Irvine, CA.
You will have a solid understanding of large-scale Splunk environments, including the wide variety of applications, systems, services, and architectures from which you have been responsible for collecting, parsing, and analyzing data.
This person must have experience with deploying and maintaining a Linux-based Splunk Enterprise Security deployment, along with Splunk forwarders and syslog servers.
- Administer Blizzard Entertainment’s Splunk Enterprise systems, including clustered indexers, search heads, and forwarders
- Identify potential threats and malicious behavior in security logs; develop methods to improve monitoring capabilities and build new Splunk alerts
- Discover new use cases from the Global Security Operations Center (GSOC) and develop Splunk dashboards, searches, and alerts to fulfill them
- Integrate new data sources, applications, and technologies with Splunk
- Maintain security documentation for Splunk-related systems
- Provide Splunk user training to employees at all opportunities
- Experience in the administration of a Splunk Enterprise cluster
- Understanding of back-end Splunk configurations and Search Processing Language (SPL)
- Ability to normalize disparate logs from different systems in multiple formats to paint a cohesive picture of events occurring within the environment
- Knowledge of enterprise network security technology, appliances, and tools
- Basic scripting and automation proficiency (e.g., Python, Perl, BASH, Go, etc.)
- A minimum of 2 years’ experience in security focusing on SIEM or log aggregation and correlation, with minimums of 1 year of Splunk experience and 3 years overall enterprise IT experience
You will also possess most, if not all, of the following:
- Excellent communication capabilities
- Excellent collaboration and interpersonal skills
- Exceptional time management skills
- Strong analytical skills
- Ability to work in a dynamic work environment
- Persistent self-motivation, initiative and attention to detail
- Splunk certified administrator certifications
- CISSP or equivalent security certifications
- Linux certifications (RHCA, RHCE, LPIC, or GIAC GCUX)
- Experience with configuration management systems (e.g. Ansible, Puppet, Chef, etc.)
- Experience with version control systems (e.g. Git, SVN, Perforce, etc.)
- Experience with rsyslog, syslog-ng, and Splunk HTTP Event Collection (HEC)
- Real passion for video games and most importantly, safeguarding them!
- Include a cover letter that tells us why you’re interested in Blizzard and what games you’re currently playing!