Splunk Admin
Vision It US

Job Location

- USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Req ID : 2605800

Job Description Observability Engineer SIEM
Observability Engineer Enterprise Engineering

Who we are
overall purpose to elevate the world through the power of practice. We are proud to be a growing global company with locations all around the world, from Vancouver to Shanghai and places in between. We owe our success to our innovative product, our emphasis on our stores, our commitment to our people, and the incredible connections we get to make in every community we are in.
About this team
We are looking for a motivated engineer to become a core member of the Observability team in Enterprise Engineering, guiding the enterprise organization to improve the practice of observability here at lululemon. We are a consultative enablement team providing guidance and support to product engineering teams for the development of high-quality and resilient software systems through the use of monitoring tools and best practices. As a SIEM Engineer for Observability, your team works with the Tech Security and Compliance team to establish and build upon best practices with the security platforms through event & logging management to provide total visibility into our systems. This role requires someone who can help LLL get the most value from our investment, implement and refine governance practices, and handle hands-on admin tasks and support across a disparate organization. As a successful candidate for this role, you will support our lead engineers to administer our tools, enable our end users, be a custodian for best practices and standards, and work with vendor TAMs to resolve issues and learn about new capabilities and opportunities.
A day in the life
  • Support users with Getting Data In (GDI), including data classification and data transfer to the logging aggregation tool(s) that fit the use case for security and SIEM or observability
  • Maintain and install Splunk Technical Add-ons needed for GDI
  • Log pipeline implementation and maintenance, including data ETL or minimization, obfuscation, log to metrics, etc.
  • Enforce best practices and strategies for teams to integrate with Tech Security and Compliance guidelines
  • Tool Governance and Best Practices documentation
  • Understand our end users' needs to ensure our platforms meet their needs
  • Collaborate with cross-functional teams to troubleshoot and resolve monitoring-related issues
  • Work with Enterprise Engineering platform administration to support Observability platform health
Qualifications
  • College degree in computer science/engineering or related field
  • Minimum 2 years of experience with security platforms, specifically Cloud SIEM, Application Security Management, Security Posture Management
  • GDI (Getting Data In) specialization: onboarding data through data classification, pipelining/ETL, data models & summarization (where applicable)
  • Good working knowledge of the Splunk Common Information Model and data model acceleration
  • Strong knowledge of SPL, especially as it relates to correlation searches for notable events
  • Knowledge of:
  • PII / CCPA / GDPR rules
  • data transformation
  • Experience with Linux
  • log/event sources as they relate to security use cases (infrastructure, application, platform, audit trails, etc.)
  • A track record delivering quality results on complex cross-functional projects
  • Analytical and problem-solving capabilities
  • Strong verbal and written communication skills. Must be able to communicate with a wide variety of audiences, both business and technical
Bonus
  • Experience with other security tools such as Datadog, Splunk ES, Sentinel, Prisma, etc.
  • Experience with data transformation and pipeline tools such as Splunk Edge Processor, Cribl, Datadog Observability Pipelines, etc.
  • Experience/knowledge of Cloud Computing services (AWS, Azure, GCP) and monitoring and logging tools within these platforms
  • Knowledge of OpenTelemetry; experience with OpenTelemetry API/SDK
Interpersonal Must Haves
  • Acknowledges the presence of choice in every moment and takes personal responsibility for their life
  • Possesses an entrepreneurial spirit and continuously innovates to achieve great results
  • Communicates with honesty and kindness and creates the space for others to do the same
  • Leads with courage, knowing the possibility of greatness is bigger than the fear of failure
  • Fosters connection by putting people first and building trusting relationships
  • Integrates fun and joy as a way of being and working, aka doesn't take themselves too seriously


Required Skills : Splunk

This is a high PRIORITY requisition. This is a PROACTIVE requisition.

Employment Type

Full Time

Key Skills

  • Data Entry
  • Adobe Acrobat
  • AS400
  • EDI
  • Microsoft Outlook
  • Cloud Architecture
  • Microsoft Excel
  • Quick Books
  • Administrative Experience
  • Order Fulfillment
  • Project Implementation
  • Sales Support
