Security Engineer – Content Development
San Jose, California
Requisition Number R0025916
Subsidiary eBay
The Senior Security Engineer will assist with the design, implementation, security and ongoing support of eBay’s detection and response tools and processes within eBay’s Global Information Security Team. This position will work directly with teams inside and outside of GIS as part of our overarching data security strategy for corporate and marketplaces Threat Management and Response, Data Science, and Global Risk and Compliance initiatives.
You will have an understanding of security alerting for Incident Response, Logging & Monitoring, and security-driven pattern recognition. You will also possess a real passion for cybersecurity, system monitoring and analysis, and developing/automating creative solutions. You will be expected to be skilled at identifying security gaps in infrastructure and process, effectively executing projects/initiatives to address them, demonstrating excellent judgment, prioritization and communication of technical security risks, and acting as a security liaison supporting business units.
Key Responsibilities will include:
- Work with our Architecture team and Log Onboarding team to identify critical assets and build correlation searches in Splunk to identify indicators of compromise
- Perform administration, management, configuration, testing, and integration tasks related to Splunk, Splunk Enterprise Security and associated platforms, including security content creation, maintenance, and administration tasks.
- Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, applications, and operating systems)
- Define processes for data ingestion, normalization, management and transformation.
- Architect, design, implement, support, and evaluate all security-focused tools and services
- Build and deploy automation for monitoring our infrastructure, applications, and network
- Research and recommend creative and automated approaches for operational tasks which use available resources and simplify operational overhead.
- Provide technical inputs, evaluate and recommend new and emerging security products and technologies
- Be a strong, creative thinker and clearly communicate and build support for your ideas
- 3+ years of experience with rule and advanced logic creation within Splunk 6.0+. Advanced knowledge of SPL is a requirement.
- 5+ years of hands-on experience in engineering and supporting large-scale Splunk logging solutions for large corporations.
- 2+ years combined of administration or engineering of multiple security platforms within large-scale or global enterprises
- Knowledge of Splunk CIM 4.0+
- Good communication skills to work with both a collaborative multi-functional team of peers and departments within the company (product development, operations, networking, etc.)
- Proficient in automation of tasks and data manipulation through scripting or programming in one or more of the following: Bash, Python, Ruby and Go.
- Understanding and experience in multiple security domains such as platform hardening, vulnerability management, penetration testing, applied cryptography, network/application traffic control.
- Experience in Linux and Windows system administration.
- Knowledge of security trends and standard methodologies.
- Knowledge of system and network architecture and interrelationships (technical and functional).
- Ability to establish priorities, work independently and proceed with objectives
- Should be well organized and utilize standard methodologies, able to thrive in a dynamic environment, and, most importantly, have the ability to approach problems with a creative, can-do attitude
- Demonstrable ability to lead and work on large/complex system deployment projects in a team environment.
- Knowledge of enterprise logging, with a focus on security event logging
- Bachelor’s degree in Computer Science, Information Technology, Information Security, Information Assurance or a related field
Additional Preferred Skill Requirements:
- Experience in any one of the following roles: Security Incident Response, Threat Hunting or Security Assessments (Red Team/Pentesting)
- Master’s degree in Computer Science, Information Technology, Information Security, Information Assurance or a related field
- Splunk Power User and/or Administrator certification
- Experience with some form of configuration management tools (SaltStack, Puppet and so on) and security monitoring tools (Tripwire, Imperva, Carbon Black, DarkTrace, TrapX and so on)
- Industry-recognized security certifications like OSCP and SANS Certifications.
eBay Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at email@example.com. We will make every effort to respond to your request for disability assistance as soon as possible.