Sony Corporation of America (SCA) is seeking a Splunk Engineer to join the Global Information Security Department (GISD) in Herndon, VA. This position will report to the Principal Splunk Manager in the Cyber Defense Mission Engineering Department. The Splunk Engineer will provide implementation, data, and O&M support for the Splunk infrastructure that enables global incident response operations, analysis, coordination, and forensics. The Cyber Defense team is a pivotal part of Sony’s program to secure its information assets, services, and the products that depend on them, building trust with customers and stakeholders and protecting the privacy of Sony’s customers.
All candidates must be authorized to work in the USA.
Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation.
Responsible for bringing new data sources into the Splunk environment
Engineer, configure and administer Splunk content and infrastructure
Assist in the proper operation and performance of the overall Splunk infrastructure
Perform content development to properly identify data feeding SIEMs and correlation of events
Develop filters to assist in the identification of significant events (correlation and use cases)
Provide recommendations and implement changes to optimize Splunk products in the customer environment
Provide operations, maintenance and monitoring support for the Splunk infrastructure
Write and develop custom scripts and Splunk apps and TAs as needed
Develop metrics-based reporting to enhance situational awareness
Demonstrated technical expertise with the following:
Splunk or other similar SIEM technology
SQL and/or Oracle Databases
SIEM Content Development
One or more of the following languages: Python, Ruby, PowerShell, Perl, etc.
Minimum 5 years with the design, configuration, and support of Splunk 6.x, or similar
Technical writing experience:
Ability to perform basic scripting tasks with Splunk to automate repeatable processes using Python, Ruby, PowerShell, Perl, etc.
Able to interact with customers and team members and product support personnel
Experience with interpreting requirements and implementing use cases
Experience writing MS SQL expressions
Experience developing enterprise strategic implementation of Splunk deployments highly preferred
Implementation/support of Splunk experience highly preferred
Certified Splunk Architect or Engineer highly preferred
Bachelor’s Degree in Information Systems, Information Security, Engineering, or equivalent work experience
Candidates should possess interpersonal skills
Strong analytical and creative problem-solving skills