Senior Security Engineer - Splunk at Vrbo
Are you a hardworking and highly motivated Security Engineer to join a thriving Security Operations Team? If so, this opportunity could be a great fit for you. In this role you will be responsible for detecting, analyzing and remediating any and all security events/issues and incidents that might be presented to Vrbo and its networks. You want to work here because you have a strong affinity for Splunk and also possess a desire to work in the cyber security field.
- Management, upkeep and expansion/design of an on-premise Splunk/Enterprise Security deployment.
- Coordinate all aspects of Splunk event collection and forwarding.
- Administer Splunk Enterprise and Enterprise Security. To include index, sourcetype, field, CIM compliance, ES use cases and SPL upkeep.
- Implement Security and Business use-cases in the Splunk framework.
- Handle syslog configurations and forwarding.
- Build custom dashboards, reports, and alerts within Splunk.
- Design and implement high-level strategies.
- Proven experience creating complex Splunk queries in SPL and XML for reports and dashboards
- Ability to troubleshoot and optimize SPL for large queries or data sets with strong knowledge of the Splunk search pipeline
- Understanding and implementation of log data flows between source systems and Splunk components
- Ability to write applications that pull data from a source system for writing to Splunk (Python preferred)
- Ability to create custom field extractions, TA’s and sourcetypes
- 5+ years of direct administration experience with an on-premise clustered Splunk Enterprise environment
- 3+ years designing, engineering and securing complex infrastructure architectures.
- 1+ years working in a cyber security org or team (preferably Security Operations).
- Direct experience with development or deployment in the cloud (AWS, Azure, GCP)
- Comfortable with tooling that demonstrates an automation mindset: Chef, Puppet, Ansible, CI/CD experience, and can provide examples.
- Experience with Linux administration and bash, Python, or Ruby scripting.
- Experience with implementing standard methodologies in regards to event collection and logging in cloud infrastructure and cloud services.
- Experience in log management on different tiers of infrastructure and platform services.
- Experience working with containerized and serverless computing platforms.
- Experience in secrets management, encryption technologies, and key management.
- Splunk certified Administrator or Architect certification is preferred
Expedia Group recognizes our success is dependent on the success of our people. We are the world's travel platform, made up of the most knowledgeable, passionate, and creative people in our business. Our brands recognize the power of travel to break down barriers and make people's lives better – that responsibility inspires us to be the place where exceptional people want to do their best work, and to provide them to tools to do so.
Whether you're applying to work in engineering or customer support, marketing or lodging supply, at Expedia Group we act as one team, working towards a common goal; to bring the world within reach. We relentlessly strive for better, but not at the cost of the customer. We act with humility and optimism, respecting ideas big and small. We value diversity and voices of all volumes. We are a global organization but keep our feet on the ground so we can act fast and stay simple. Our teams also have the chance to give back on a local level and make a difference through our corporate social responsibility program, Expedia Cares.
If you have a hunger to make a difference with one of the most loved consumer brands in the world and to work in the dynamic travel industry, this is the job for you.
Our family of travel brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Egencia®, trivago®, HomeAway®, Orbitz®, Travelocity®, Wotif®, lastminute.com.au®, ebookers®, CheapTickets®, Hotwire®, Classic Vacations®, Expedia® Media Solutions, CarRentals.com™, Expedia Local Expert®, Expedia® CruiseShipCenters®, SilverRail Technologies, Inc., ALICE and Traveldoo®.Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.