United Airlines Senior Engineer - Information Technology Security in Chicago, Illinois
We have a wide variety of career opportunities around the world — come find yours.
The United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.
Job overview and responsibilities
The Sr Engineer - IT Security will be involved in the planning, implementation and ongoing support of SIEM capabilities for United Airlines. This includes close coordination with multiple security teams working on all aspects of the SIEM environment, from data source onboarding and ingest, indexing and data models, to adaptive response actions, dashboards, and other content.
Design, support, and maintain a high-availability, distributed, and multi-clustered SIEM deployment
Responsible for onboarding and maintaining a wide variety of data sources to include various OS, appliance, and application logs
Solve/troubleshoot complex integration challenges and configuration issues
Manage Splunk knowledge objects
Technical writing/creation of formal documentation such as architecture diagrams, technical designs, and SOPs
Develop scripts to automate common SIEM tasks such as forwarder deployment, configuration, etc.
Monitor the performance of the SIEM
Drive deployments of the SIEM while working side by side with the customers to solve their unique problems across a variety of use cases
6+ years of enterprise-level systems engineering
Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GCFA, and/or GCFE
Operational experience with any of the following areas: network engineering, Linux/Unix systems administration, Windows/Active Directory administration, network security, firewalls, NIDS, NIPS, web proxy solutions, email security, systems security (HIPS/HIDS), security analyst, SIEM, storage, virtualization, mail servers, data modeling and pivot tables
Demonstrated a high sense of urgency with strong pragmatic problem-solving skills and the ability to identify, analyze, and resolve problems
Proven experience migrating and upgrading Splunk environments
Demonstrable knowledge of Splunk architecture and best practice
Ability to assess a customer's situation, business needs, and complex problems, and provide expert recommendations in the areas of Splunk knowledge management, administration, and architecture
Proficient in writing commands via the command line interface in Windows, Unix, and Linux
Proficient in one or more of the following scripting languages: Bash, Perl, Python, PowerShell
Proficiency in writing Regular Expressions to extract data in Splunk via search-time and index-time extraction
Must be legally authorized to work in the United States for any employer without sponsorship
Successful completion of interview required to meet job qualifications
Reliable, punctual attendance is an essential function of the position
- SCCI & SCCII certifications
Equal Opportunity Employer – Minorities/Women/Veterans/Disabled/LGBT
Division: 47 Technology/IT
Function: Information Technology