Listing Description
Samsung Semiconductor Inc. (SSI) is advancing the world’s technology. As a leader in Memory, System, LSI and LCD technologies, our US teams contribute to breakthroughs in 5G, SOC, memory and display. With our global perspective and diversity of thought, we proudly serve our customers around the world. We are looking for team members who share our commitment to learning and growth and excel when collaborating within and across teams.
SSI is headquartered in the heart of Silicon Valley and is a wholly-owned U.S. subsidiary of Samsung Electronics Co., Ltd. - the #1 employer in the world (Forbes, 2020 & 2021) and top patent-holder in the U.S. Want to advance the world’s technology with us?
Job Title
Senior Security Engineer
Location
San Jose, CA
Job #
41014
The Senior Security Engineer will be responsible for supporting Cybersecurity operations including the following:
JOB RESPONSIBILITIES:
- Manage daily functions of SSI Security Operations while protecting the integrity, confidentiality and availability of SSI information technology resources.
- Deploy, administer and configure security tools (SIEM, CASB, EDR, DLP, Vulnerability Management, etc.). Create standard procedures/runbooks for managing and maintaining the various security controls currently in place at SSI.
- Perform maintenance and regular health checks of the security tools and keep them functional for Cyber Security Operations.
- Assist with incident response procedures and processes, including identifying and establishing the appropriate escalation/communication chain. Assist and provide support in forensic investigations to root-cause security incidents/breaches and carry out effective remediation activities.
- Analyze system and firewall logs to assist with security analysis and threats.
- Work closely with the Cybersecurity team in instituting an effective Threat & Vulnerability Management program.
- Assist in reviewing existing security controls and help identify security risks. Work closely with the Cybersecurity team in recommending effective security controls to mitigate and minimize security risks.
- Create and maintain security tools dashboard.
- Develop reliable, efficient, and re-usable queries that will feed custom alerts and dashboards.
- Install, configure, and deploy Splunk infrastructure, including search heads, indexers, forwarders, and other Splunk components.
- Splunk account creation and role-based access control.
- Monitor and maintain Splunk performance, availability, and capacity.
- Grow and improve the enterprise Splunk environment to a mature implementation by creating forwarder apps to ingest data feeds.
- Assist users in accessing and identifying relevant audit logs, both for troubleshooting and cybersecurity compliance purposes.
- Configure dashboards to facilitate audit log analysis, and configure rules for use cases.
- Act as the Splunk liaison for Splunk technical questions, issues or escalations. This will include working with Splunk Support, Product Management or others as needed.
QUALIFICATIONS & REQUIRED SKILLS:
- Bachelor's degree in engineering, information technology, computer science or related field.
- Netskope and Splunk deployment/configuration experience.
- 6-10 years of experience directly related to information technology security in a medium to large enterprise. This experience should include active participation in security programs and processes that have contributed to the development and administration of an organization-wide IT security architecture.
- Knowledge of networking and protocols such as SSL, HTTP, DNS and SMTP.
- Proven experience in system administration and in the deployment and maintenance of security controls such as SIEM, DLP, EDR, CASB, SOAR, SSO and other security controls.
- Experience in deploying, migrating to, and/or supporting cloud network security (SASE/CASB) products such as Netskope, iBoss, Zscaler or Palo Alto.
- Familiarity with Splunk and server administration, in order to participate in troubleshooting server issues affecting Splunk performance.
- Must be familiar with a wide range of security technologies including, but not limited to: SIEM, CASB, IDS/IPS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, application firewalls, vulnerability scanners, LDAP, forensics software, SSO, SOAR, Privileged Access Management and security incident response.
- Excellent communication skills, with the ability to write documents ranging from formal and informal reports to system documentation and training materials.
- Demonstrated ability to work effectively in a collaborative team environment or as an individual contributor.
Additionally, we look for the following universal qualities in all candidates:
- Resourceful Achiever: self-motivated and proactive, you flex to try new approaches and creatively solve problems
- Avid Learner: you thrive with challenges, seek continuous growth and improvement, and seek data to prove your hypotheses
- Devoted Professional: you are diligent and deliberate in your work, leveraging your expertise to deliver results without ego
- Thoughtful Collaborator: you build relationships across teams, offering help and welcoming ideas from others to drive work forward in an inclusive manner
COVID-19 POLICIES
- Successful applicants must comply with company COVID-19 policies, which are subject to change in response to public health, regulatory and business circumstances
- Current policies are subject only to emergency or legally-required exceptions and include: mandatory reporting of vaccination status; vaccination requirement for office access, external meetings and business travel; mask usage in office; and daily screening procedures at offices
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided