Senior Splunk Engineer

Sep 18, 2024
Austin, United States
... Not specified
... Senior
Full time
... Office work


WHAT YOU DO AT AMD CHANGES EVERYTHING

We care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences – the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world’s most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives. 

AMD together we advance_




THE ROLE

As a Splunk Engineer and a key member of the Security Engineering team, you will support Splunk Enterprise Security administration and management, managing enterprise SIEM infrastructure to improve data ingestion processes, including architectural work. You will provide engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles.

THE PERSON

As an SIEM / Splunk Engineer, you will help mature the security posture of the corporate environment. You will influence others with your security mindset and inspire change at all levels. You will have excellent communication skills, both oral and written. You will be a team player, organized, responsible, and a highly detail-oriented problem solver.

KEY RESPONSIBILITIES

  • Install, configure, and update Splunk Enterprise and Splunk Enterprise Security environments in a multi-site environment, following best practices from Splunk Professional Services.
  • Configure multi-site Search Head clustering and advanced Splunk options like Indexer.
  • Ability to handle technical add-ons for efficiently onboarding data and meeting Splunk CIM compliance for Enterprise Security accelerated data models.
  • Troubleshoot and resolve issues discovered during log onboarding
  • Demonstrated experience working with Security and operations team to clarify needs and requirements and to build a solution vision, including experience articulating the value of analyzing machine data for operational intelligence, security, and compliance.
  • Interface with AMD IT team to provide SIEM-driven insight into operations, risk, performance and behavior
  • Implement, architect, administer Splunk and Splunk Enterprise Security Suite and perform data ingestion and data visualization for Splunk and Splunk Enterprise Security Suite
  • Extend SIEM to integrate threat intelligence sources in context of AMD’s risk profile
  • Ability to collaborate on the design and implementation of security configurations and services to support SIEM data capture and significant analysis
  • Correlate AMD’s service and app activities with threat intelligence, to pinpoint risk areas, IoCs, trajectories.
  • Collaborate with AMD Product Development groups to augment and scale product logging capabilities for increased alignment and analytics with SIEM
  • Administer and tune Splunk architecture, handle escalation and issue resolution for the SIEM platform components
  • Develop real-time analysis of security and application data, delivering timely vision to support risk-driven detection and response.
  • Perform capacity planning for Splunk infrastructure

PREFERRED EXPERIENCE:

  • Strong knowledge of security concepts, networks, risk procedures, security patterns, authentication technologies and security attacks.
  • Capacity to develop, evaluate, and document specific metrics for management purposes.
  • Ability to perform maintenance and optimization of existing clustered Splunk deployments.
  • Experience in creating dashboards to monitor the traffic volumes, response times, errors, and warnings across various data centers.
  • Proficiency in developing documentation with processes and procedures.
  • In-depth, customer-focused Splunk Enterprise Security SIEM engineering background.
  • Ability to create, manage, and support automation solutions for Splunk deployment and orchestration in on-site and cloud environments.
  • Experience with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms.
  • Proficiency in data on-boarding activities including routing, parsing, and normalizing events to the Splunk Common Information Model (CIM).
  • Proficiency in onboarding data using Splunk developed add-ons for Windows, Linux, and common third-party devices and applications.

ACADEMIC CREDENTIALS:

  • Bachelor’s Degree.
  • Splunk Certification (Certified Admin or Certified Architect) preferred

LOCATION:  Austin, TX

 

 





At AMD, your base pay is one part of your total rewards package. Your base pay will depend on where your skills, qualifications, experience, and location fit into the hiring range for the position. You may be eligible for incentives based upon your role such as either an annual bonus or sales incentive. Many AMD employees have the opportunity to own shares of AMD stock, as well as a discount when purchasing AMD stock if voluntarily participating in AMD’s Employee Stock Purchase Plan. You’ll also be eligible for competitive benefits described in more detail here.

 

AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.
