Information Security Engineer

at  Splunk

Splunk, a Cisco company, is building a safer and more resilient digital world with an end-to-end full stack platform made for a hybrid, multi-cloud world. Leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. Our customers love our technology, but it’s our caring employees that make Splunk stand out as an amazing career destination. No matter where in the world or what level of the organization, we approach our work with kindness. So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you. Come help organizations be their best, while you reach new heights with a team that has your back.

MUST-HAVE QUALIFICATIONS

• 3+ year of proven experience with IT or working in a large enterprise environment
• Experience with AWS or GCP cloud public cloud computing
• Scripting (e.g., Python, Perl, Ruby, Bash, RegEx) or development (e.g., C++, Python, JavaScript) experience
• Linux Administration skills (e.g. Command-line usage, configuration management, security hardening)
• Prior experience with SIEMs such as Splunk or other log aggregation system
• Assist in operationalizing, Monitor, and Test Security tools across Splunk environments
• Understanding and/or experience with vulnerability management, incident response and forensics, cloud computing, and/or security automation and network engineering.
• Understand GDPR regulations and the protections afforded customers and employees
• Self-starter who truly enjoys a fast-paced, innovative software environment and has excellent written and verbal communication skills.
• Based in Costa Rica

NICE-TO-HAVE QUALIFICATIONS

• Driven to improve processes and strive for their continuous improvement
• Familiarity with DevOps tools, including Kubernetes, CI/CD, and/or Git
• Experience with compliance frameworks like SOC2, PCI and/or FedRAMP.
• Operations experience in driving security and compliance
• Certifications such as Sec +, CISSP, GSEC, CEH or CISM are a bonus.

ROLE SUMMARY

This position will be responsible for enabling technical innovation, the development and maintenance of internal applications for Security Operations. This role involves ownership and technical project management, working closely with other Security teams like Security Engineering, Detection, Monitoring and Response Operations and CIRT to provide an end to end experience. This is a phenomenal opportunity at a fast-growing and dynamic enterprise technology company.

WHAT YOU’LL GET TO DO

• Provide security service maintenance, change control, testing, patching, information protection, and break/fix.
• Support security teams by driving and delivering new security configurations based on the organization objectives
• Maintain the engineering team’s ability to detect and respond to critical security service delivery issues.
• Assist with technical evaluations to identify coverage gaps in existing information toolsets and support business owners and their security solution(s) that reduce risk.
• Work with other Cyber Security teams to efficiently run and develop security monitoring, sensor enrichment, and tuning solutions and maintain operational runbooks to deliver security services.
• Ensure services are functioning within agreed upon Service and Operational Level Agreements.
• Participates in a 1-3 time a year on call rotation for a week, which includes 24/7 support for security tool operations