Operations Engineer, Splunk Security

Job Description

Join us as we pursue our exciting new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!

Role

Do you want to make a difference in the security posture of an entire company? This role will be responsible for developing, fixing, and debugging internal deployments of Splunk products, such as Splunk Cloud Platform and SOAR. You will have a deep understanding of Information Security and software development principles coupled with a strong desire to learn and grow within the organization. This role will be part of the Splunk Security Center of Excellence team and will engage in problem solving, effectively elevating the internal customer experience, automating processes, and improving the reliability of our services. We are a passionate team who has fun, enjoys a good laugh but above all else thinks security first!

Responsibilities

• Work closely with the Splunk Global Security (SGS) teams to improve existing automation and search initiatives that deliver resilient solutions
• Tap into your expertise of all things Splunk to address sophisticated issues
• Build and improve custom data onboarding scripts and add-ons for internal corporate tools and services
• Analyze internal metrics and workflows to reduce false positives and accurately focus engineering efforts
• Develop repeatable processes to build playbooks in order to efficiently resolve any incidents that arise
• Serve as initial support for internal customers and maintain high availability of playbooks.
• Implement validated security strategies related to our team’s Linux-based and AWS-based infrastructure, Python code, and containerized services

Requirements

• 2+ years of proven experience in Cybersecurity technologies with focus on one or more of the following areas such as SIEM, vulnerability management, firewalls, forensics, data logging, and IAM
• 2+ years of demonstrable experience in tool integrations, CI/CD and REST APIs as well as software development experience with Python, Golang, JavaScript, or similar
• Fully proficient in git and version control systems, like GitLab and GitHub
• Experience in Security Operations, SIEM, Incident Response, and Threat Intelligence
• Skilled in Linux administration and Cloud Technologies, such as AWS
• Excellent communication skills, both verbal and written; able to explain intricate technical topics to varying groups

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.