This job listing expired on Nov 30, 2021
Tweet

Job Description

Blizzard Entertainment is looking for a talented and motivated Splunk Administrator to join its ranks in Irvine, CA. You will have a solid understanding of large-scale Splunk environments with a wide variety of applications, systems, services, and architectures that they were responsible for collecting, parsing, and analyzing data from.

This person must have experience with deploying and maintaining a Linux-based Splunk Enterprise Security deployment, along with Splunk forwarders and syslog servers.

Responsibilities

  • Administer Blizzard Entertainment’s Splunk Enterprise systems, including clustered indexers, search heads, and forwarders
  • Identify potential threats and malicious behavior in security logs; develop methods to improve monitoring capabilities and build new Splunk alerts
  • Discover new use cases from the Global Security Operations Center (GSOC) and develop Splunk dashboards, searches, and alerts to fulfill them
  • Integrate new data sources, applications, and technologies with Splunk
  • Maintain security documentation for Splunk-related systems
  • Provide Splunk user training to employees at all opportunities

Technical Requirements

  • Experience in the administration of Splunk in a large enterprise environment
  • Understanding of back-end Splunk configurations
  • Experience with Search Processing Language (SPL), especially as how it relates to security IOCs and risk
  • Ability to normalize disparate logs from different systems in multiple formats to paint a cohesive picture of events occurring within the environment
  • Experience with systems administration on various Linux distributions
  • Knowledge of enterprise network security technology, appliances, and tools
  • Basic scripting and automation proficiency (e.g., Python, Perl, BASH, Go, etc.)
  • Experience with configuration management systems (e.g. Ansible, Puppet, Chef, Terraform etc.)
  • A minimum of 2 years’ experience in security focusing on SIEM or log aggregation and correlation, with minimums of 1 year of Splunk experience and 3 years overall enterprise IT experience

You will also possess most, if not all, of the following

  • Excellent communication capabilities
  • Excellent collaboration and interpersonal skills
  • Exceptional time management skills
  • Strong analytical skills
  • Ability to work in a dynamic work environment
  • Persistent self-motivation, initiative and attention to detail

Pluses

  • Splunk certified administrator certifications
  • CISSP or equivalent security certifications
  • Linux certifications (RHCA, RHCE, LPIC, or GIAC GCUX)
  • Experience with version control systems (e.g. Git, SVN, Perforce, etc.)
  • Experience with rsyslog, syslog-ng, and Splunk HTTP Event Collection (HEC)
  • Real passion for video games and most importantly, safeguarding them!
  • Include a cover letter that tells us why you’re interested in Blizzard and what games you’re currently playing!

Blizzard Entertainment is an Equal Opportunity Employer. All qualified applications will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.

COVID-19 Hiring Update

We’ve transitioned to a work-from-home model and we’re continuing to interview and hire during this time. This role is expected to begin as a remote position. We understand each person’s circumstances may be unique and will work with you to explore possible interim options.

Note to Recruiters and Placement Agencies: We do not accept unsolicited agency resumes. Please do not forward resumes to our website or to any of our employees. We will not pay fees to any third party agency, outside recruiter or firm without a mutually agreed-upon contract and will not be responsible for any agency fees associated with unsolicited resumes. Unsolicited resumes received will be considered our property and will be processed accordingly.