Senior Security Engineer, Splunk
Security Irvine

Blizzard Entertainment is looking for a talented and motivated security engineer to join its ranks in Irvine, CA.

You will have achieved deep understanding of their craft having spent time in in large-scale Splunk environments with a wide variety of applications, systems, services, and architectures that they were responsible for collecting, parsing, and analyzing data from.

This person must have extensive experience with deploying and maintaining a Linux-based Splunk Enterprise Security deployment, along with Splunk forwarders and syslog servers.

Responsibilities

  • Lead and administer Blizzard Entertainment’s Splunk Enterprise systems, including clustered indexers, search heads, and forwarders
  • Identify potential threats and malicious behavior in security logs; develop methods to improve monitoring capabilities and build new Splunk alerts
  • Discover new use cases from the Global Security Operations Center (GSOC) and develop Splunk dashboards, searches, and alerts to fulfill them
  • Integrate new data sources, applications, and technologies with Splunk
  • Maintain engineering and security documentation for Splunk-related systems
  • Provide Splunk user training to employees at all opportunities

Technical requirements

  • Experience in the administration of a Splunk Enterprise cluster
  • Deep understanding of back-end Splunk configurations and Search Processing Language (SPL)
  • Experience with enterprise scale Windows and Linux based architectures and security design
  • Ability to normalize disparate logs from different systems in multiple formats to paint a cohesive picture of events occurring within the environment
  • Strong knowledge of enterprise network security technology, appliances, and tools
  • Basic scripting and automation proficiency (e.g., Python, Perl, BASH, Go, etc.)
  • A minimum of 4 years’ experience in security focusing on SIEM or log aggregation and correlation, with minimums of 3 years Splunk experience and 6 years overall enterprise IT experience
  • Bachelors or Master’s Degree in Computer Science, or equivalent applicable experience

You will also possess most, if not all, of the following

  • Excellent communication capabilities
  • Excellent collaboration and interpersonal skills
  • Exceptional time management skills
  • Strong analytical skills
  • Ability to work in a dynamic work environment
  • Persistent self-motivation, initiative and attention to detail

Pluses

  • Splunk certified architect or Splunk certified administrator certifications
  • CISSP or equivalent security certifications
  • Experience developing Splunk Apps (e.g. working apps published to Splunkbase or GitHub)
  • Linux certifications (RHCA, RHCE, LPIC, or GIAC GCUX)
  • Experience with configuration management systems (e.g. Ansible, Puppet, Chef, etc.)
  • Experience with version control systems (e.g. Git, SVN, Perforce, etc.)
  • Experience with rsyslog, syslog-ng, and Splunk HTTP Event Collection (HEC)
  • Experience developing Splunk integrations for HTTP-based APIs (e.g. RESTful, RPC, etc.)
  • Real passion for video games and most importantly, safeguarding them!
  • Include a cover letter that tells us why you’re interested in Blizzard and what games you’re currently playing!

Blizzard Entertainment is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.

Accommodation Request: We are committed to working with and providing reasonable assistance to individuals with physical and mental disabilities. If you are a disabled individual requiring an accommodation to apply for an open position, please email your request to talentacquisition@blizzard.com. General employment questions cannot be accepted or processed here. Thank you for your interest.

Note to Recruiters and Placement Agencies: We do not accept unsolicited agency resumes. Please do not forward unsolicited agency resumes to our website or to any of our employees. We will not pay fees to any third party agency, outside recruiter or firm without a mutually agreed-upon contract and will not be responsible for any agency fees associated with unsolicited resumes. Unsolicited resumes received will be considered our property and will be processed accordingly.