Comcast: Senior Splunk Security Engineer at Comcast (Moorestown, NJ)
Posted: Aug 13, 2019
Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast.
The Senior Splunk Security Engineer, a role residing within the Comcast Cybersecurity Organization, will be responsible for the administration, maintenance, operations and support of the Comcast Splunk Enterprise environment. The candidate will also serve as a liaison between Cybersecurity teams and Comcast business units to ensure appropriate administration and system monitoring are performed to manage and address detected threats or required coverage.
The engineer should have a deep technical understanding of application, host, cloud, and network security tools and techniques, must be familiar with Splunk administration, security industry standards and best practices, and must be able to effectively work with development, engineering, and operational counterparts. The position is highly collaborative across a variety of teams, both technical and non-technical, and will require a strong ability to build effective, productive, relationships in order to succeed.
- Administer the Splunk application and its infrastructure (AWS), including implementing access control, data segmentation, and general Splunk infrastructure
- Set up and configure Splunk search heads, deployment servers, clustered indexes, and forwarders
- Create data retention policies and perform index administration, maintenance and optimization
- Collaborate with the Splunk Architects to ensure the proposed design is feasible, efficient, effective, and scalable as it pertains to functionality as well as infrastructure costs
- Build, configure, implement, and maintain Splunk architectural design
- Document the implementation and configuration changes
- Manage the installation and integration of system fixes, updates, and enhancements, and ensure the rigorous application of information security/information assurance policies, principles, and practices
- Perform standard system maintenance (including patch implementation) as required to maintain the Splunk infrastructure
- Create production quality dashboards, reports and threshold alerting mechanisms
- Establish effective measurements and reporting methodologies to manage performance and effectiveness of key security programs
- Communicate progress of work in progress, key initiatives, and walkthroughs on complex designs and architecture
- 3 to 5 Years of Splunk Admin experience
- Experience in performance tuning, troubleshooting, managing high availability for large scale Splunk environments
- Splunk expertise with strong information security experience and working knowledge of regular expressions to effectively extract key tokens of data into meaningful fields
- A sophisticated understanding of Splunk “Search” language and a deep understanding of Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes
- Awareness of the Common Information Model and how to apply it directly and indirectly to data feeds
- Experience with Splunk Apps and familiar with Splunk architecture and best practices
- Experience with reviewing, analyzing and coordinating requirements for ingesting auditable and actionable events into Splunk
- Experience working with Kafka and cloud environments to manage data collection, parsing, storage, and search capabilities
- Strong Linux background with experience deploying systems and applications, operational and threat detection monitoring, ETL, and configuration management
- Knowledge of networking tools like netflow, packet capture, IDS/IPS, Bro/Zeek, and other security related tools
- Superior communication skills with an ability to develop a strong rapport across a variety of technical and non-technical teams
- Proven ability to excel in a team, as an individual, in a dynamic environment and still meet deadlines
Education Level: Bachelor’s Degree
Field of Study: Preferably in Engineering, Computer Science or related field
Certifications Preferred: Splunk Core Certified User, Splunk Core Certified Power User, Splunk Enterprise Certified Admin, Splunk Enterprise Security Certified Admin, Splunk Enterprise Certified Architect, or CISSP
Years’ Experience: Generally requires 6+ years related experience
Compliance: Comcast is an EEO/AA/Drug Free Workplace
Disclaimer: The above information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.
Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.