Blizzard Entertainment is looking for a talented and motivated Splunk Administrator to join its ranks in Irvine, CA.
You will have a solid understanding of large-scale Splunk environments, having been responsible for collecting, parsing, and analyzing data from a wide variety of applications, systems, services, and architectures.
This person must have experience with deploying and maintaining a Linux-based Splunk Enterprise Security deployment, along with Splunk forwarders and syslog servers.
* Administer Blizzard Entertainment's Splunk Enterprise systems, including clustered indexers, search heads, and forwarders
* Identify potential threats and malicious behavior in security logs; develop methods to improve monitoring capabilities and build new Splunk alerts
* Discover new use cases from the Global Security Operations Center (GSOC) and develop Splunk dashboards, searches, and alerts to fulfill them
* Integrate new data sources, applications, and technologies with Splunk
* Maintain security documentation for Splunk-related systems
* Provide Splunk user training to employees at all opportunities
* Experience in the administration of a Splunk Enterprise cluster
* Understanding of back-end Splunk configurations and Search Processing Language (SPL)
* Ability to normalize disparate logs from different systems in multiple formats to paint a cohesive picture of events occurring within the environment
* Knowledge of enterprise network security technology, appliances, and tools
* Basic scripting and automation proficiency (e.g., Python, Perl, BASH, Go, etc.)
* A minimum of 2 years' experience in security focusing on SIEM or log aggregation and correlation, with minimums of 1 year of Splunk experience and 3 years overall enterprise IT experience
You will also possess most, if not all, of the following:
* Excellent communication capabilities
* Excellent collaboration and interpersonal skills
* Exceptional time management skills
* Strong analytical skills
* Ability to work in a dynamic work environment
* Persistent self-motivation, initiative and attention to detail
* Splunk certified administrator certifications
* CISSP or equivalent security certifications
* Linux certifications (RHCA, RHCE, LPIC, or GIAC GCUX)
* Experience with configuration management systems (e.g. Ansible, Puppet, Chef, etc.)
* Experience with version control systems (e.g. Git, SVN, Perforce, etc.)
* Experience with rsyslog, syslog-ng, and Splunk HTTP Event Collection (HEC)
* Real passion for video games and most importantly, safeguarding them!
* Include a cover letter that tells us why you're interested in Blizzard and what games you're currently playing!