SantaAnaRecruiter Since 2001
the smart solution for Santa Ana jobs

Senior Splunk Security Engineer

Company: First American Financial Corp.
Location: Santa Ana
Posted on: November 22, 2021

Job Description:

Job Family: Information Security Professionals Requisition Number: R028879 Work Location: Santa Ana , CA Employment Category: Full Time - Regular Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For-- list for six consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com. Job Summary Senior Splunk Security Engineer Summary The Senior Information Security Engineer will be a part of the corporate information security logging and monitoring team. Security Engineer will have a passion for managing corporate information security along with a desire to relentlessly champion best practices. This role is responsible for performing all functions required to support day-to-day security operations, while supporting and maintaining a central logging and SIEM infrastructure. Candidate will collaborate with Information Technology staff and business units to examine and understand and assist with their logging requirements. This is a senior-level Splunk Engineer position within a quickly growing Splunk team. Essential Functions

  • Configure Splunk Searching and Reporting modules, Knowledge Objects, Administered Data Ingestion, Add-On's, Dashboards, Index Cluster and Forwarder Management
  • Identify gaps in existing security capabilities.
  • Support the team to maintain the strategic Splunk architectural development roadmap
  • Responsible for Splunk deployment and server infrastructure analysis, optimization, and capacity planning
  • Responsible for onboarding and maintaining a wide variety of data sources to include various OS, appliance, and application logs
  • Configure Splunk forwarders and indexers to ingest infrastructure logs.
  • Support Splunk on Unix, Linux, and Windows-based platforms
  • Perform data mining and analysis, using various query and reporting methods
  • Solve/troubleshoot complex integration challenges and configuration issues
  • Create advanced searches, dashboards, visualizations on Splunk Cloud and ES
  • Manage Splunk knowledge objects
  • Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs Job Complexities
    • Use skills as a seasoned, experienced professional with a full understanding of industry practices and established policies and procedures
    • Troubleshoot and guide others on a wide variety of complex problems and identify solutions within broad application and functional expertise Knowledge and Skills/Technology Used
      • Experience in setting up and managing an Enterprise-wide Security Incident and Event Management (SIEM) based on Splunk Cloud
      • Strong experience with Splunk Programming Language (SPL), alerting methods and dashboard creation
      • Assist data owners with data inputs and aid with the creation of Splunk search queries, dashboards, data models, and correlation searches
      • Experience with Splunk Enterprise Security is required and experience with cloud environments is highly preferred
      • Understanding the structure of Network Devices logs, VMWare infrastructure, Strong understanding of the IP/TCP Stack--
      • Experience with Python, Shel or other scripting language Good knowledge of virtual environment based on VMWare infrastructure
      • Experience in using API for data ingestion and tools integration
      • Experience in Linux/UNIX Systems administration, preferably with RedHat
      • Understanding of service delivery management and service lifecycle
      • Self-motivated and self-educating, yet willing and able to work collaboratively with both customers and fellow team members Typical Education
        • Bachelor's Degree in Computer Science, Information Technology, Telecommunications, or Electrical Engineering, or equivalent work experience Typical Range of Experience
          • Minimum 7 years information security experience
          • 5+ years hands on experience with networking, intrusion detection, VPN, PKI, Next-Generation firewalls, NAC; Identity management and encryption technologies License or Certification
            • CISSP, GIAC, Splunk Certification preferred First American invests in its employees' development and well-being, empowers them to provide superior customer service and encourages them to serve the communities where they live and work. First American is committed to diversity and inclusion. We are an equal opportunity employer. Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan. Returning users, access your profile or edit/update your resume. First American Title Insurance Company makes no express or implied warranty respecting the information presented and assumes no responsibility for errors or omissions. First American, the eagle logo, firstam.com, and First American Title are registered trademarks or trademarks of First American Financial Corporation and/or its affiliates.

Keywords: First American Financial Corp., Santa Ana , Senior Splunk Security Engineer, Engineering , Santa Ana, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Santa Ana RSS job feeds