Previous Job
Previous
Information Security Engineer
Ref No.: 18-00017
Location: San Jose, California
Start Date: 01/05/2018
 Description:
Replacing EBAYJP00014731

Job Description – Sr Information Security Engineer
Rate should be $100-115/hr depending on background

eBay information security is looking for a candidate who will assist with the design, implementation, security and ongoing support of the cyber security tools and processes within their Global Information Security Team.
This position will work directly with teams inside and outside of GIS as part of our overarching data security strategy for corporate and marketplaces Threat Management and Response, Data Science, and GRC initiatives.
The ideal candidate will have a passion for cybersecurity, system monitoring and analysis, and developing/automating creative solutions. As a Security Engineer, you will be expected to be skilled at identifying security gaps in infrastructure and process, effectively execute projects/initiatives to address them, demonstrate excellent judgment, prioritization and communication of technical security risks, and act as a security liaison supporting business units.

Key Responsibilities may include:
• Provide technical inputs, evaluate and recommend new and emerging security products and technologies
• Defines security configurations for threat detection and prevention tools
• Designs automated workflows to streamline security operations
• Monitors and proactively manages supported products and services to assure their performance, availability, security, and capacity.
• Researches, analyzes, and formulates recommendations regarding technologies, products,
and solutions to fulfill requirements within the enterprise.
• Security tool administration and support(Network/Endpoint/Threat Hunting/Investigations)
• Tool deployment and implementation experience on a global scale
• Splunk Admin and Architecture related tasks
• Ability to debug configuration issues on different splunk components
• Understanding of Splunk configurations, dependencies, and forwarder management
• Understands Splunk architecture and components (search head, deployment server, cluster master, indexers, forwarders (HF/UF)
• Strong understanding of enterprise logging using syslog-ng, with a focus on security event logging
• Knowledge of system and network architecture and interrelationships (technical and functional).
• Designs, implements, configures, and manages solutions within the supported Linux technologies, products, and services.
• Research and recommend innovative and automated approaches for operational tasks which leverage available resources and simplify operational overhead.
• Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms


Basic Qualifications:
• Minimum 8-10 years of experience in Security Administration
• Minimum 3 years of experience in implementing and managing Splunk in a large scale environment
• Must be well organized and able to leverage best practices, able to thrive in fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude
• Demonstrates the ability to analyze and resolve issues independently
• Knowledge of project management tasks, experience creating application documentation, and demonstrated ability to train other team members.
• Manage maintenance, enhancements and upgrades for supported security systems using standard project methodology
• Scripting knowledge is a plus (python, shell)
• Bachelors Degree preferred
• Splunk certifications is a plus
• Preference for at least one current recognized security professional certification such as CISSP, GIAC
• Experience in working in a highly dynamic large scale enterprise
• Knowledge of security vendors and security product capabilities

• Professional Skill Requirements:
• Good organizational, multi-tasking, and time-management skills
• Ability to successfully pass a client background screening if required
• Proven ability to work independently and as a team member
• Good communication (written and oral) and interpersonal skills
• Ability to work with multiple teams in a fast paced environment

Team: Security Ops Center
Project: Splunk

Day to day: 50% maintaining Splunk, Other 50% is security admin, configure, monitor for threat prevention

Technology skills:
-looking for well rounded background with 3+ years of Splunk for large scale environment, deployment, and experience with expanding cluster.
-8+ years of security administration

Team will use: any of the following will be pluses: Symantec Vontu, Tripwire for file integrity monitoring, Imperva for database monitoring, netwitness/Cyphort for fraud and malware monitoring

Soft skills: good communication skills (written and oral)

Interview Process: Phone screening and in person with 5 team members

*Must be local candidate. No remote work will be offered.