Splunk Engineer - Enterprise Security
Burbank, California, United StatesApply NowApply Later
Job ID 775777BR Location Burbank, California, United States Business The Walt Disney Company (Corporate) Date posted Mar. 15, 2021
Job Summary:At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
- Analysis of known and emerging threats to determine risks against TWDC assets
- Creation, maintenance, governance and communication of security policies and standards across TWDC
- Assessment and audit of compliance against the security policies and standards
- Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
We look to add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.
Responsibilities:The Senior Security Specialist is responsible for a broad range of responsibilities, with a primary emphasis on SIEM operations. The Senior Security Specialist will work closely with Management, other senior security staff members, the Security Operations Center (SOC), Incident Response (IR) team, and other internal organizations to serve as the subject matter expert for SIEM-related activities covering both traditional and virtual environments.
- Develop and maintain the technology roadmap for the deployment and ongoing operations of Splunk Enterprise Security software and appliance-based products across a large and diverse enterprise.
- Architecture integrations of various data sources with Splunk
- Partner with various internal teams to develop and tune security monitoring in the SIEM.
- A key point of escalation for other security engineers and analysts, provide guidance and mentoring using adaptive communication style that promotes learning.
- Create or direct the creation of operational security metrics via the most efficient method (i.e. dashboards, reports).
- Responsible to help drive the security-related data collection methodologies across the enterprise.
- Be proactive in tracking information security trends, standards and practices to identify needs for enhancing or developing security solutions.
- Identify security considerations for design and deployment of new applications, technologies, and solutions across the enterprise.
- Create, review, and revise use cases to support content within SIEM tools, working in partnership with the Detection team.
- Support investigations with respect to event analysis and forensics.
- Direct and propose new network monitoring and security operations to drive a risk based approach to threat detection
- Design, develop, implement SIEM ingestion pipelines that scale to the needs of data ingestion for the SIEM
- Recommends various automation requirements to facilitate security event handling
- Reviews, prepares or presents executive-level key reporting around SIEM and detection
- Promote awareness of applicable security policies and standards.
- Minimum 5+ years security operations experience in large global organizations.
- Minimum 5 years SIEM operations.
- Must have thorough knowledge of Splunk SIEM, Enterprise Security architecture and operations.
- Must have thorough knowledge of information security components, principles, practices, and procedures.
- Must have thorough knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
- Minimum 2 years’ experience of both private and public virtualization environments (e.g. AWS, Azure, GCP, VMware, etc.)
- Minimum 2 years’ experience with scripting (e.g. Python or bash) and automation (e.g. Chef, Ansible, CloudFormation)
- Minimum 1 year designing, implementing and maintaining a 10TB+ multi-site Splunk Infrastructure
- Minimum 2 years Designing, Implementing, and Maintaining a Multi-Site Splunk SmartStore based indexing infrastructure in AWS.
- Minimum 2 Years of API experience with AWS Kinesis, AWS SQS, AWS SNS.
- Knowledge of serverless pipelines in Azure, AWS and GCP to ensure scalability for log delivery to the SIEM.
- Knowledge of automation and orchestration integration with Splunk Enterprise Security
- Python preferred
- Prefer one of the following general certifications: CISSP, CISM, CISA or equivalent
- Prefer an application-specific certification: Splunk Certified Admin or IBM Certified Associate Administrator
- Prefer an AWS Operations or Security certification.
- BA/BS in business or computer science or appropriate work experience
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status or any other basis prohibited by federal, state or local law. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.