Blizzard Entertainment is looking for a talented and motivated Splunk Administrator to join its ranks in Irvine, CA.
You will have a solid understanding of large-scale Splunk environments with a wide variety of applications, systems, services, and architectures that they were responsible for collecting, parsing, and analyzing data from.
This person must have experience with deploying and maintaining a Linux-based Splunk Enterprise Security deployment, along with Splunk forwarders and syslog servers.
- Administer Blizzard Entertainment’s Splunk Enterprise systems, including clustered indexers, search heads, and forwarders
- Identify potential threats and malicious behavior in security logs; develop methods to improve monitoring capabilities and build new Splunk alerts
- Discover new use cases from the Global Security Operations Center (GSOC) and develop Splunk dashboards, searches, and alerts to fulfill them
- Integrate new data sources, applications, and technologies with Splunk
- Maintain security documentation for Splunk-related systems
- Provide Splunk user training to employees at all opportunities
- Experience in the administration of a Splunk Enterprise cluster
- Understanding of back-end Splunk configurations and Search Processing Language (SPL)
- Ability to normalize disparate logs from different systems in multiple formats to paint a cohesive picture of events occurring within the environment
- Knowledge of enterprise network security technology, appliances, and tools
- Basic scripting and automation proficiency (e.g., Python, Perl, BASH, Go, etc.)
- A minimum of 2 years’ experience in security focusing on SIEM or log aggregation and correlation, with minimums of 1 year of Splunk experience and 3 years overall enterprise IT experience
You will also possess most, if not all, of the following
- Excellent communication capabilities
- Excellent collaboration and interpersonal skills
- Exceptional time management skills
- Strong analytical skills
- Ability to work in a dynamic work environment
- Persistent self-motivation, initiative and attention to detail
- Splunk certified administrator certifications
- CISSP or equivalent security certifications
- Linux certifications (RHCA, RHCE, LPIC, or GIAC GCUX)
- Experience with configuration management systems (e.g. Ansible, Puppet, Chef, etc.)
- Experience with version control systems (e.g. Git, SVN, Perforce, etc.)
- Experience with rsyslog, syslog-ng, and Splunk HTTP Event Collection (HEC)
- Real passion for video games and most importantly, safeguarding them!
- Include a cover letter that tells us why you’re interested in Blizzard and what games you’re currently playing!
Blizzard Entertainment is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
Accommodation Request: We are committed to working with and providing reasonable assistance to individuals with physical and mental disabilities. If you are a disabled individual requiring an accommodation to apply for an open position, please email your request to email@example.com. General employment questions cannot be accepted or processed here. Thank you for your interest.
Note to Recruiters and Placement Agencies: We do not accept unsolicited agency resumes. Please do not forward unsolicited agency resumes to our website or to any of our employees. We will not pay fees to any third party agency, outside recruiter or firm without a mutually agreed-upon contract and will not be responsible for any agency fees associated with unsolicited resumes. Unsolicited resumes received will be considered our property and will be processed accordingly.