Product Security, Incident Response Team (Costa Rica)
Description
About Splunk
Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best place to work. If you become a Splunker, we want your whole, authentic self, what we call your "million data points". So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you.
About The Role
Come and join our growing Splunk Product Security Incident Response Team (PSIRT) of Security Engineers! Be a part of highly visible team that regularly works across the entire organization, with everyone from product teams to executives. Urgent escalations from enterprise customers, investigating open source vulnerabilities, performing variant analysis, root cause analysis, working with security researchers and a regular patching cycle are all core to this role.
You'll be part of an organization focused on influencing security culture within Splunk and Cisco with the ultimate goal of ensuring the continued security of our customers and their data. You will do this by leading bug bounty, responsible disclosure, and escalations from Splunk’s top customers.
What you'll get to do:
- Triage reported vulnerabilities from the bug bounty and responsible disclosure
- Manually verify security issues identified through automated scans
- Assist customer escalations concerning product security issues
- Lead and coordinate Product Security Incidents
- Write and publish Security Advisories
- Coordinate remediation with Product teams
Must-have Qualifications
- Minimum Bachelor's Degree with 2+ years' of Application Security Experience
- At least two years of experience with CSIRT, CIRT, or PSIRT functions
- Exceptional written communication skills
- Hands on experience with product security vulnerability exploitation, mitigation, and remediation
- Working experience with common security tools (e.g., Burp) or security scanners (e.g., Semgrep, Trivy)
Nice-to-have Qualifications
- Prior experience as a PSIRT engineer
- Customer support experience
- Scripting (e.g., Python, Perl, Ruby, Bash) or development (e.g., C++, Python, JavaScript) experience
- AWS or GCP Cloud Experience
Splunk is an Equal Opportunity Employer
At Splunk, we believe creating a culture of belonging isn’t just the right thing to do; it’s also the smart thing. We prioritize diversity, equity, inclusion, and belonging to ensure our employees are supported to bring their best, most authentic selves to work where they can thrive. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.
Thank you for your interest in Splunk!