Sr Engineer Security (SIEM) at Fanatics Retail Group Fulfillment, LLC

Fanatics Retail Group Fulfillment, LLC · Hyderabad, India · Hybrid

RESPONSIBILITIES: 

 

Splunk Infrastructure & Administration

  • Design, deploy, and maintain enterprise solutions and components for Splunk Cloud and on premises environments including Search Heads, Indexers, Forwarders and Deployment Servers
  • Manage Splunk high availability configurations
  • Deploy, configure, and maintain Splunk Connect for Syslog (SC4S)
  • Perform capacity planning, performance tuning, and resource optimization
  • Implement and maintain data retention policies and index management strategies
  • Oversee Splunk upgrades, patches, and maintenance activities

Data Integration & Management

  • Configure and manage universal forwarders, heavy forwarders, and data inputs from diverse sources
  • Develop and maintain data parsing, field extractions, and data models
  • Create and optimize indexes, source types, and data routing configurations
  • Implement data quality controls and validation processes
  • Design efficient search strategies and query optimization

Development & Automation

  • Develop custom Splunk applications, dashboards, and visualizations
  • Create and maintain complex SPL (Search Processing Language) queries and reports
  • Build automated monitoring solutions and alerting mechanisms
  • Develop Python scripts and REST API integrations for Splunk automation
  • Implement Infrastructure as Code (IaC) practices for Splunk deployments

Security & Compliance

  • Design and implement security information and event management (SIEM) solutions
  • Develop security monitoring use cases and threat detection scenarios
  • Create compliance reporting and audit trail mechanisms
  • Implement role-based access controls and data classification policies
  • Support incident response and forensic investigations

Collaboration & Leadership

  • Mentor team members and provide technical guidance
  • Collaborate with cross-functional teams 
  • Lead technical architecture reviews and design sessions
  • Participate in on-call rotation and provide escalation support
  • Document processes, procedures, and best practices

 

EDUCATIONAL REQUIREMENTS: 

  • Bachelor’s degree in Computer Science, Information Systems, or equivalent combination of education and experience

  • Relevant Security Certifications

     

EXPERIENCE REQUIRED:

  • A minimum of 10 years of experience. 

 

 

QUALIFICATIONS, KNOWLEDGE, SKILLS & ABILITIES: 

  • 7+ years of hands-on Splunk experience including administration and development 
  • Splunk certifications required: Splunk Core Certified Admin, Splunk Core Certified Power User, Splunk Cloud Certified Admin
  • Preferred certifications: Splunk Enterprise Security Certified Admin, Splunk IT Service Intelligence 
  • Proficiency in SPL (Search Processing Language) and advanced search techniques 
  • Experience with Splunk Enterprise Security (ES), IT Service Intelligence (ITSI), or other Splunk premium applications 
  • Strong knowledge of Linux/Unix systems administration 
  • Scripting experience in Python, Shell, PowerShell, or similar languages 
  • Understanding of networking protocols, log formats, and data sources (syslog, JSON, XML, etc.)

    Infrastructure & Tools

  • Experience with virtualization platforms (VMware, Hyper-V) and cloud environments (AWS, Azure, GCP)
  • Knowledge of configuration management tools (Terraform, Ansible, Puppet, Chef)
  • Familiarity with containerization technologies (Docker, Kubernetes)
  • Experience with load balancers, firewalls, and network security devices
  • Understanding of database systems and SQL

    Security & Compliance

  • Knowledge of security frameworks (NIST, ISO 27001, PCI-DSS, SOX)
  • Experience with threat hunting and incident response procedures
  • Understanding of common attack vectors and security monitoring best practices
  • Familiarity with compliance reporting requirements

     

Preferred Qualifications

  • Bachelor's degree in Computer Science, Information Technology, or related field
  • Experience with additional SIEM platforms
  • Knowledge of machine learning and statistical analysis techniques
  • Experience with DevOps practices and CI/CD pipelines
  • Industry certifications such as CISSP, GCIH, or equivalent

    Technical Environment

  • Multi-terabyte daily data ingestion
  • High-availability clustered deployments
  • Integration with enterprise security tools and business applications
  • Hybrid cloud and on-premises infrastructure

 

General skills include:

  • Strong critical thinking and analytical skills

  • Ability to approach problem solving in a constructive and collaborative way that does not require absolute security. 

  • The ability to communicate complicated technical issues and risks to programmers, network engineers and managers.
  • Strong leadership, project, and team-building skills

  • Exceptional communication skills with diverse audiences; the ability to be an infrastructure security subject matter expert who can explain relevant topics to general audiences

 

 

 
