Senior Principal Splunk Engineer

Symantec

Mountain View, CA

5 - 7 years

Posted 238 days ago

This job is no longer available.

About the Role:

The Global Security Office is currently seeking candidates for an experienced Splunk Architect. This is an opportunity to make your ding in the security universe and work with an industry-leading group of cybersecurity professionals at Symantec, supporting full life cycle cybersecurity operations. We are seeking an individual who can bring in-depth Splunk and systems architecture experience to lead the design of new systems, to scale and/or migrate our current Splunk infrastructure, and to support daily operations. As a Principal Splunk Architect you will directly support the Security Operations Center by driving the vision and development of Symantec’s Splunk, SIEM and monitoring infrastructure.


  • Lead the design and development of Symantec’s Splunk and SIEM Infrastructure
  • Assist with Splunk and SIEM administration and operations
  • Work closely with Symantec’s SOC and Defensive Cyber Operations to develop end-to-end monitoring and response capabilities
  • Work with organizations within Symantec’s security organization, IT, and throughout the company to design, build, and deploy Splunk and related monitoring infrastructure.
  • Design and deliver scalable and performant solutions that will scale to process multiple terabytes of data per day and an expected 10x growth over 2 years.

Required Skills:

  • 5+ years of experience as a Splunk architect, administrator, or developer for a large enterprise environment (minimum 6.5.x)
  • Experience with a variety of Splunk Add-Ons (e.g. dbConnect, Splunk App for Microsoft Cloud Services, Splunk App for Amazon S3)
  • Knowledge about optimizing Splunk event indexing
  • Experience with index clustering and search head clustering
  • Experience with Splunk’s deployment server functionality
  • Experience with forwarders – universal, heavy, intermediate
  • Knowledge of all components of the Splunk infrastructure, how they communicate with each other and what their functionality is
  • Knowledge of most of Splunk’s configuration files, their names, and what they’re used for
  • Strong background in Unix and/or Windows systems administration
  • Advanced ability in a scripting language – Python preferred
  • Knowledge of regular expressions
  • Advanced Splunk and IT systems troubleshooting skills to quickly identify issues across the platform
  • Must know the Splunk search processing language in depth
  • Demonstrated leadership experience and the ability to drive complex project requirements across a heavily matrixed organization

Preferred Skills:

  • IT systems architecture and engineering experience including network, server, and storage design
  • Bachelor’s degree in computer science, engineering, or information systems
  • Understanding of and audit experience with regulatory and compliance frameworks such as PCI, SOX, ISO, and NIST
  • Working understanding of Syslog configuration and design
  • Technical knowledge in a wide range of enterprise security devices, security feeds, and enterprise IT services