Security Engineer - Platform operations

This role will be responsible for developing, fixing, and debugging internal deployments of Splunk products, such as Splunk Cloud Platform and SOAR. You will have a deep understanding of Information Security and software development principles coupled with a strong desire to learn and grow within the organization. This role will be part of the Splunk Security Center of Excellence team and will engage in problem solving, effectively elevating the internal customer experience, automating processes, and improving the reliability of our services. We are a passionate team who has fun, enjoys a good laugh but above all else thinks security first!

What you'll get to do

• Work closely with the Splunk Global Security (SGS) teams to improve existing automation and search initiatives that deliver resilient solutions
• Tap into your expertise of all things Splunk to address sophisticated issues
• Build and improve custom data onboarding scripts and add-ons for internal corporate tools and services
• Analyze internal metrics and workflows to reduce false positives and accurately focus engineering efforts
• Develop repeatable processes to build playbooks in order to efficiently resolve any incidents that arise
• Serve as initial support for internal customers and maintain high availability of playbooks.
• Implement validated security strategies related to our team’s Linux-based and AWS-based infrastructure, Python code, and containerized services

Must-have Qualifications

• Bachelor's degree with 5+ years of proven experience in Cybersecurity technologies with focus on one or more of the following areas such as SIEM, vulnerability management, firewalls, forensics, data logging, and IAM
• 2+ years of demonstrable experience in tool integrations, CI/CD and REST APIs as well as software development experience with Python, Golang, JavaScript, or similar
• Fully proficient in git and version control systems, like GitLab and GitHub
• Experience in Security Operations, SIEM, Incident Response, and Threat Intelligence
• Skilled in Linux administration and Cloud Technologies, such as AWS
• Excellent communication skills, both verbal and written; able to explain intricate technical topics to varying groups

Nice-to-have Qualifications

We’ve taken special care to separate the must-have qualifications from the nice-to-haves. “Nice-to-have” means just that: Nice. To. Have. So, don’t worry if you can’t check off every box. We’re not hiring a list of bullet points–we’re interested in the whole you.

• Splunk Certification in Architecture/Administration is desirable.
• Experience in Splunk ITSI and Observability cloud is desirable.