Principal Product Security Engineer (Production Identity and Access Management)

Security and Risk Management Hyderabad, India

Apply

Description

Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!

Role:

The Cloud Access team is looking for a Principal Product Security Engineer to join us. As a member of the team, you will collaborate with other engineering, security and operations teams to execute on strategic plans and develop tactical execution methodologies which improve the “protect, detect, and respond” capabilities of Splunk Cloud. This person will lead the Prod IAM Hyderabad team to work independently to deliver projects for Product IAM.
The ideal candidate has a strong passion to help enable RBAC and IAM based Cloud Security to protect our organization, customers, and assets. You will work with Cloud operations teams, compliance teams, Splunk Global Security, and incident responders as well as identity and security solution providers, to help improve the team's access control and security posture and achieve success.

In this role, you will:

  • Collaborate with partner teams to improve security of Prod IAM infrastructure, tooling and automations.
  • Build tools and automation for orchestrating access provisioning, address Privileged Access Management and enable Just In Time Access for privileged accounts.
  • Extend existing IAM and RBAC based services and platforms to enhance partner capabilities, automating to reduce overhead while increasing the number of groups supported and the overall complexity of the systems.
  • Identify use cases that can be built with existing tools and services to enhance access to internal cloud systems.
  • This role also includes supporting the definition of requirements that enable innovative integrations and solutions.
  • Collaborate on the evaluation and test solutions with the intent of improving Splunk’s overall access control features and flexibility.
  • Collaborate with Service owners to implement Service Level Metrics & Service Level Objectives that act as service health indicators with the goal of improving security posture.
As a member of Splunk’s Identity and Access Management team, the Principal Security Engineer will be responsible for implementing and managing identity services and platforms, mainly Okta and Directory Services. You must have a proven track record in delivering identity solutions that are functional, secure, scalable, and reliable. Your work will not only dramatically improve Splunk’s security posture, but also improve workforce productivity. This role will work with the Identity and Access Management Manager, Senior Manager and Senior Director of Security Services within Splunk Global Security.

Responsibilities

  • Manage and lead the design, engineering, and deployment of Directory Services (i.e. Active Directory) and Okta
  • Participate in or lead troubleshooting and incident resolution of complex high severity incidents
  • Analyze the current environment to identify technical and operational opportunities and develop continuous improvement action plans
  • Participate in disaster recovery, capacity planning, performance monitoring, and maintenance to ensure high availability
  • Understand and adhere to standard operational processes to ensure audibility and compliance with industry standards (SOX, GDPR, UKCE etc.)
  • Build relationships with the other teams in the Splunk Global Security organization, but also across the company
  • Mentor and train others in the use and functionality of the IAM services
  • Practical knowledge of AWS, GCP, Azure, IBM Cloud, Okta, Okta IGA, Okta Verify, Sailpoint, Terraform, Device Context, FIDO2, Git, Gitlab, Kubernetes, Puppet, Linux.

Requirements

  • 10+ year of experience in IAM with 5+ years of experience in implementing, integrating, and supporting end-to-end Directory Services and Okta solutions
  • Hands-on production experiences with Active Directory, Azure Active Directory and Okta
  • Experience in various authentication standards such as SAML, OAuth, SCIM, OpenID Connect and FIDO2
  • Experience in security and implementation standards such as the least privilege, privileged access management and passwordless authentication
  • Good understanding of the overall infrastructure including data centers, networking, load balancers, and how all the components interact
  • Familiarity with PKI, Public Certificate Authorities, OpenSSL, Hashicorp Stack (e.g. Vault)
  • Coding experience in one or more of Go, Java, Python, Powershell, and Bash.
  • Experience automating infrastructure with scripting (Go, Python, Bash) and tooling (Puppet, Terraform, Ansible, Chef, etc).
  • Experienced with the setup/configuration/operation of CI/CD pipelines and source code control using GitLab
  • Demonstrated ability to accurately assess problems and requests from multiple perspectives, analyze approach feasibility, and decide on the efficient course of action.
  • 8 or more years of experience in one or more of these critical areas: Access Controls, Information Security Technology, Engineering, CI/CD, Operations.
  • Strong ability to communicate data, facts, and analysis of the technical subject matter.
  • You will support collaboration when working on engineering’s goals and objectives.

Education and Certifications

  • Bachelor's degree in Computer Science, Information Technology, or related field required or equivalent work experience
  • CISSP, CISM, or equivalent certification preferred

Plus:

Not required, and would be nice to have:
  • Exposure to CIS, DISA, DTPR, PCI, HIPAA and FedRAMP regulation.

What We Offer You:

  • A constant stream of new things for you to learn. We're always expanding into new areas, bringing in open source projects and contributing back, and exploring new technologies.
  • A set of exceptionally talented and dedicated peers, all the way from engineering to product management and customer support.
  • Growth and mentorship. We believe in growing engineers through ownership and leadership opportunities. We also believe mentors help both sides of the equation.
  • A stable, collaborative and supportive work environment.
We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.
Thank you for your interest in Splunk!

 

 

Note:

Base Pay Range

India

Base Pay: INR 3,680,000.00 - 5,060,000.00 per year

Splunk provides flexibility and choice in the working arrangement for most roles, including remote and/or in-office roles. We have a market-based pay structure which varies by location. Please note that the base pay range is a guideline and for candidates who receive an offer, the base pay will vary based on factors such as work location as set out above, as well as the knowledge, skills and experience of the candidate. In addition to base pay, this role is eligible for incentive compensation and may be eligible for equity or long-term cash awards.

Benefits are an important part of Splunk's Total Rewards package. This role is eligible for a comprehensive, competitive benefits package which may include healthcare and retirement plans, paid time off, wellbeing expense reimbursement, and much more! Learn more about our comprehensive benefits and wellbeing offering at https://splunkbenefits.com.

Thank you for your interest in Splunk!

Apply Apply Later
← Back to Current Openings

Share

Similar Jobs

{{ job.title }}