Information Security Engineer

 
Location: San Jose, California
Posted On: 8/4/2017
Job Code: 5445_ISESANCA
 
Job Description
 
The Security Engineer – Data Onboarding will assist with the design, implementation, security and ongoing support of the Client's cyber security tools and processes within the Global Information Security (GIS) team. This position will work directly with teams inside and outside of GIS as part of our overarching data security strategy for corporate and marketplaces Threat Management and Response, Data Science, and GRC initiatives.

The ideal candidate will have a passion for cybersecurity, system monitoring and analysis, and developing/automating creative solutions. As a Security Engineer, you will be expected to be skilled at identifying security gaps in infrastructure and process, effectively execute projects/initiatives to address them, demonstrate excellent judgment, prioritization and communication of technical security risks, and act as a security liaison supporting business units.

Key Responsibilities may include:
• Splunk Admin and Architecture related tasks
• Conduct Splunk onboarding of data sources from start to finish
• Conduct a hands-on session walking the system owner(s) through best practices when introducing new data to Splunk.
• Data onboarding across multiple data sources
• Data normalization (extractions, tags, event types)
• Ability to debug configuration issues
• Manually create regular expressions to properly extract interesting fields from a variety of log types and normalize fields to comply with the CIM.
• Create data-source configurations specific to the Splunk CIM for use with SA-CIM data models and normalize fields to comply with the CIM.
• Create data models and knowledge objects as needed to onboard logs
Qualifications:
• Understanding of the Splunk Common Information Model, RBAC and permissions
• Understanding of Splunk Data Models
• Understanding of Splunk configurations, dependencies, and forwarder management
• Understands Splunk architecture and components (search head, deployment server, cluster master, indexers, forwarders (HF/UF))
• Ability to establish priorities, work independently and proceed with objectives.
• Strong understanding of enterprise logging using syslog-ng, with a focus on security event logging
• Knowledge of system and network architecture and interrelationships (technical and functional).
• Must be well organized and able to leverage best practices, able to thrive in a fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude
• Minimum 2 years of experience implementing Splunk; Splunk certifications are a plus
• Minimum 5 years of experience in networking/application/Linux system admin and/or development related roles
• Familiar with both Windows and Linux-based OS
• Experience in working with multiple cross-functional teams
• Highly motivated, able to take ownership of tasks and see them through to completion
• Understanding of PCI requirements and ability to support the company's annual PCI audit
• Strong communication and interpersonal skills to work with both a collaborative cross-functional team of peers and other departments within the company.

Additional Skill Requirements:
• 2-3+ years of experience in an Incident Response role performing hunt activities
• Experience with enterprise-scale operations and maintenance environments
• Ability to be a Splunk language (SPL) expert
• BA or BS degree in CS, IT, or a related field
• Has at least one current recognized security professional certification such as CISSP, CISM, CISA or ISO 27001 Lead Auditor

Professional Skill Requirements:
• Demonstrates the ability to analyze and resolve issues independently in a fast-paced environment.
• Knowledge of project management tasks, experience creating documentation/presentations, and demonstrated ability to train other team members.
• Good organizational, multi-tasking, and time-management skills
• Ability to successfully pass a client background screening if required

Top skills:
Must have at least 2-3 years of experience as a Security Engineer.
Good security understanding
Good systems understanding
Good understanding of Splunk
Soft skills are a must.
This person will work with multiple teams day to day to monitor and log issues.
Category:IT  code:new
 
 
Job Requirements
 
 
Management, CISSP, Architecture, Focus, Engineering, Project Management, GIS, Information Security
 

Contact Details
 
Recruiter
Sidhartha Suveny
 