Sr Cyber Data Systems Engineer (Splunk)

About the position

Join NBCUniversal Cyber Security and help us design and implement security platforms and services that enable and protect the experience of our businesses. As a member of the Cyber ECS Security Data Engineering & Insights team, you will be part of an exciting effort to transform from an operational, tool-based cyber defense program to an intelligence and threat-based organization. You will be responsible for collecting security data from across NBCUniversal and building the capabilities to drive insights and information back to the rest of the organization.

Responsibilities

• Provide secure design and engineering guidance for security data collection, insights, and analytics.
• Onboard various data elements via a data streaming platform across NBC Universal’s business entities.
• Ensure uninterrupted ingestion of critical systems data into threat detection, analytics, and response systems.
• Provide excellent support and service to other teams that rely on security data systems – help share knowledge, and assist in creation and management of dashboards, alerts, reports, and other knowledge objects.
• Facilitate knowledge sharing by creating and maintaining detailed documentation and diagrams, while also collaborating with other team members on standard processes and technology roadmaps.
• Maintain & support platform infrastructure for SIEM and endpoint product implementations.
• Participate in an on-call rotation for support of systems outside of normal business hours and be available to perform maintenance and critical operations as needed.
• Be able to thrive in a fast-paced environment using proper organizational skills to ensure deliverables are met.

Requirements

• 5+ years of Cybersecurity and data engineering experience with a focus on working with Splunk.
• A deep understanding of SIEM security principles and how to apply them.
• Experience implementing automation, pipeline, data processing, and security frameworks.
• 5+ years of Splunk Architecture and Administration Experience.
• Familiarity with large security data solutions such as AWS Security Lake, Data Bricks, Snowflake, Splunk etc.
• Experience with cloud computing platforms, specifically AWS and/or Azure.
• Familiarity with Serverless services like AWS Lambda or Azure Functions.
• Proficient in Python, Bash or other scripting language.
• Solid understanding of data structures and algorithms.
• Leverage data to drive design and risk decisions using various sources and basic analytics to create clear metrics and reports.
• Knowledge of microservices architecture and containerization technologies.
• Highly collaborative; personally, and professionally self-aware; able to and interested in interacting with employees at all levels; embody integrity; and represent and inspire the highest ethical standards.
• Desire to try things and iterate on them, fail fast, and focus on functionality that matters.
• Eagerness to learn new security tools/services to support broadening our portfolio.
• Experience with CI/CD technologies (GitHub Actions, Jenkins, CodePipeline, etc.)

Nice-to-haves

• Splunk Enterprise Admin or Architect certification.
• Strong problem-solving and analytical skills.
• Understanding of event-driven architecture and asynchronous programming patterns.
• Familiar with ML algorithms and tech stacks.
• Experience configuring and managing rsyslog/syslog-ng.
• Datadog Administration Experience.
• Experience with cyber monitoring of assets and resolution.
• Experience with Vector and/or Logstash.
• Experience with configuration management tools (Ansible, Chef, Puppet, etc.)

Benefits

• Medical, dental and vision insurance.
• 401(k).
• Paid leave.
• Tuition reimbursement.
• A variety of other discounts and perks.