Sr. Security Engineer
San Jose, California
Requisition Number: R0014979
Subsidiary: eBay
Looking for a company that inspires passion, courage and imagination, where you can be part of the team shaping the future of global commerce? Want to shape how millions of people buy, sell, connect, and share around the world? If you’re interested in joining a purpose driven community that is dedicated to creating an ambitious and inclusive workplace, join eBay – a company you can be proud to be a part of.
The Information Security Engineer will assist with the design, implementation, security and ongoing support of eBay’s cyber security tools and processes within eBay’s Global Information Security Team. This position will work directly with teams inside and outside of GIS as part of our overarching data security strategy for corporate and marketplaces Threat Management and Response, Data Science, and GRC initiatives.
The ideal candidate will have a passion for cybersecurity, system monitoring and analysis, and developing/automating creative solutions. As an Information Security Engineer, you will be expected to be skilled at identifying security gaps in infrastructure and process, effectively executing projects/initiatives to address them, demonstrating excellent judgment, prioritization and communication of technical security risks, and acting as a security liaison supporting business units.
This person would participate as a member of the delivery team that is responsible for activities including, but not limited to, the following:
Key Responsibilities may include:
- Data onboarding across multiple data sources (Windows, Linux, API, database, etc.)
- Knowledge of Splunk forwarder management
- Data normalization (extractions, tags, event types)
- Understanding of the Splunk Common Information Model
- Understanding of Splunk Data Models
- Understanding of Splunk configurations and dependencies
- Ability to debug configuration issues
- Architect, design, implement, support, and evaluate all security-focused tools and services
- Build and deploy automation for monitoring our infrastructure, applications, and network
- Research and recommend innovative and automated approaches for operational tasks which leverage available resources and simplify operational overhead.
- Work with Engineering and Operations teams to automate deployment and operation of the infrastructure. Manage, deploy and configure infrastructure with Puppet and other automation toolsets.
- Evaluate and propose best practices/standards, process improvements, and security policy to provide the highest levels of availability, security and data privacy.
- Provide technical inputs, evaluate and recommend new and emerging security products and technologies
- Proactively identify gaps, risks and issues and navigate organizational structure to resolve them.
- Be a strong thought leader and clearly communicate and build support for your ideas
- Perform administration, management, configuration, testing, and integration tasks related to Splunk, BigData/Hadoop, and associated platforms, including content creation, maintenance, and administration tasks.
- Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, applications, and operating systems)
- Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
- Define processes for data ingestion, standardization, management and transformation.
- Strong communication skills to work with both a collaborative cross-functional team of peers and departments within the company (product development, operations, networking, etc.)
- Proficient in automation of tasks and data manipulation through scripting or programming with Bash, Python, Ruby, Go, Regex.
- Solid experience in enterprise information security in large technology firms.
- Excellent understanding and experience in multiple security domains such as platform hardening, vulnerability management, penetration testing, applied cryptography, network/application traffic control.
- Ability to establish priorities, work independently and proceed with objectives
- Must be well organized and able to leverage best practices, able to thrive in a fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude
- Experience in advanced Linux and Windows system administration.
- Advanced knowledge of security trends and best practices.
- Knowledge of system and network architecture and interrelationships (technical and functional).
- Proven ability to lead and work on large/complex system deployment projects in a team environment.
- Knowledge of enterprise logging, with a focus on security event logging
- Knowledge of Splunk CIM 4.0+
- 2+ years of experience with rule and advanced logic creation within Splunk
- 5+ years hands on experience in engineering and supporting large scale Splunk logging solutions for large corporations is preferred.
- 5+ years of multiple security platform administration or engineering within large-scale or global enterprises combined
- Demonstrated knowledge of best practices related to general administration, architecture, security, capacity planning, performance tuning, and disaster recovery.
- Understanding of PCI requirements, and support of the company’s annual PCI audit
- Preference for at least one current recognized security professional certification such as CISSP, CISM, CISA or ISO 27001 Lead Auditor
Additional Preferred Skill Requirements:
- 1+ years of experience in an Incident Response role performing hunt activities
- Experience with enterprise-scale Splunk HA, operations and maintenance environments
- Experience with SPL, SQL, and other related search languages
- Experience with some form of configuration management tools (SaltStack, Puppet, etc.)
- BA or BS degree in CS, IT, or a related field
- Splunk Power User or Architect certification - preferred
- Industry-recognized security certifications - preferred
Professional Skill Requirements:
- Demonstrates the ability to analyze and resolve issues independently
- Knowledge of project management tasks, experience creating documentation/presentations, and demonstrated ability to train other team members.
- Good organizational, multi-tasking, and time-management skills
- Ability to successfully pass a client background screening if required
- Proven ability to work independently and as a team member in a fast-paced environment
eBay Inc. is an equal opportunity employer, dedicated to workforce diversity. All qualified applicants will receive consideration for employment without regard to their protected veteran status and will not be discriminated against on the basis of disability or long term unemployment circumstances. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at firstname.lastname@example.org. We will make every effort to respond to your request for disability assistance as soon as possible.