Splunk Engineer - Senior Security Specialist
Burbank, CA - US
Job ID: 764196BR
Location: Burbank, California, United States
Business: The Walt Disney Company (Corporate)
Date posted: Aug. 14, 2020
Job Summary:
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
- Analysis of known and emerging threats to determine risks against TWDC assets
- Creation, maintenance, governance and communication of security policies and standards across TWDC
- Assessment and audit of compliance against the security policies and standards
- Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
Responsibilities:
The Senior Security Specialist is a deeply technical and passionate individual in the realm of information security operations. We are looking for an experienced and dynamic SIEM engineer who will strive to grow and improve a constantly evolving ecosystem spanning a varied and complex array of environments and technologies. They will help drive adoption of security best practices while working closely with Management, other security staff members, the Security Operations Center (SOC), the Incident Response (IR) team, and other internal organizations, and will serve as the subject matter expert for security monitoring activities covering both traditional and virtual environments.
The Senior Security Specialist will focus on Splunk Enterprise Security, ensuring that log ingestion, monitoring, detection and alerting keep pace with the continuously evolving cyber security landscape.
- Splunk Enterprise Security data model management, scripting, searching across large data sets, ensure logging, monitoring, and alerting of security events.
- Interface with Security Operations Center to ensure monitoring and detection, build vendor relationships
- Provide security expertise and technical guidance to security operations team and other internal technical partners to ensure advancement and delivery of the security strategies; drive innovation, keep pace with emerging products.
- Experience with creation of Splunk data models.
- Comprehensive knowledge of Splunk Enterprise clustered architectures, components, and data flows
- Advanced knowledge of Splunk search processing language (SPL) and best practices for searching across large data sets
- Ability to analyze and adapt vendor-produced technical add-ons to meet organization requirements.
- Ability to convert security use cases into SPL.
- Knowledge of cloud environments (i.e. AWS, Azure, GCP) and services
- Proficiency in Linux system administration, Python scripting, regular expressions, Linux shell scripting
- Knowledge of version control processes and software
- Experience with infrastructure automation tools such as Terraform and Chef.
- Ability to effectively communicate ideas in verbal, written, and visual forms.
- Drive efforts to standardize data ingestion processes and methods
- Create Splunk data models.
- Support Splunk Enterprise clustered architectures, components, and data flows
- Ensure best practices for searching across large data sets
- Analyze and adapt vendor-produced technical add-ons to meet organization requirements.
- Convert security use cases into SPL.
- Linux system administration, Python scripting, regular expressions, Linux shell scripting
- Ensure version control processes and software
- Build automation in tools such as Terraform and Chef.
- Effectively communicate ideas in verbal, written, and visual forms.
- Partner with various internal teams to develop and tune security monitoring in the SIEM
- Assist with financial planning for security projects, maintenance and some cost analysis along with operations and risk metric development and analysis.
- Ensure all operational processes are documented, exercised and continually improved.
- Minimum 5-7 years security operations experience in large global organizations.
- Minimum 3 years Splunk Enterprise Security
- Must have thorough knowledge of SIEM architecture and operations.
- Must have thorough knowledge of Splunk (Core and Enterprise Security) architecture, configuration, and operation.
- Must have thorough knowledge of information security components, principles, practices, and procedures.
- Must have thorough knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development. Knowledge of both private and public virtualization environments (e.g. AWS, Azure, GCP, VMware, etc.)
- Experience with scripting (e.g. Python or bash) and automation (e.g. Chef, Ansible, CloudFormation)
- Splunk Enterprise Security Certified Admin or IBM Certified Associate Administrator - Security QRadar SIEM
- Prefer an AWS Operations or Security certification
Required Education: BA/BS in business or Computer Science or appropriate work experience
Preferred Education: Master’s Degree or other advanced degree preferred
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.