Sr. Splunk User Behavior Analytics Engineer-Remote Opportunity
As a member of the Security Engineering team, you will work with other security teams to execute on strategic plans and develop tactical execution methodologies which improve the “protect, detect, and respond” capabilities of Splunk’s Global Security Team.
We are looking for a team member that has a passion for deploying, tuning, and improving Splunk's UBA security solution to protect our organization, people, and assets. You will collaborate with our engineers, operations teams, incident responders, and threat intel teams, as well as our security solution providers, to help them use the capabilities of UBA and achieve success.
Our Splunk UBA Engineers work with our teams to realize the potential of Splunk solutions by working directly with the Detection Monitoring and Operations (DMO) team and product management. The role involves not only developing the solutions but working with our internal customers and partners to improve their projects by providing mentorship on how to work through technical issues and challenges. The ideal candidate enjoys the challenge of solving sophisticated problems and seeing results that generate success.
We provide engineering and operational support for cutting edge security tools, focusing on Splunk UBA. This security engineering professional role is responsible for Planning, Design, Testing, Deployment/Implementation, Break/Fix, Patching, Change Control and Service Maintenance/Support/Updates of highly sophisticated security systems to fulfill Splunk’s business needs. The following areas will be your focus:
- Design, Build, Deploy, Run, Maintain & Fix Infrastructure (Dev & Prod)
- Ensure timely patching and updates to underlying OS as well as solution
- Monitor data from UBA to ensure usability
- Improve UBA by identifying and integrating new data sources
- In conjunction with DMO, tune UBA performance & detections
- Provide Anomaly detection for the data
- Be the Tier-3 support for Splunk Global Security
- Mentor others on both the Engineering and Operations teams on Machine Learning, Splunk Enterprise Security, and UBA
- Work with DMO team to ensure accurate use of UBA
- Work closely with legal and privacy to ensure solutions and sources are accurately vetted
- Provide feedback to the Product Management team on usage and improvements for the “next generation” of UBA products from Splunk
- Design, create, deploy, test, custom ML models using various tools (UBA, MLTK, SMLE) to solve Security problems, and potentially spot performance related problems in advance
- Crafting custom content to detect security related anomalies that are outside of the scope of all existing tools
- Extensive Experience with Splunk Enterprise and Splunk User Behavior Analytics
- A strong foundation in the deployment of a wide range of security solutions. Experience in Linux and networking is required
- Possess the ability to accurately assess problems and requests from multiple perspectives, analyze approach feasibility, and decide on the most efficient course of action
- Achieve security engineering’s goals / objectives that drive engineering projects by taking ownership and delivering results
- 6 or more years of security experience in one or more of these critical areas: Information Security Technology, Engineering, Operations, Technology Infrastructure and Proof of Concept - testing labs
- Communicate data, facts, and analysis regarding operational delivery
- Remarkable written and oral communication skills; strong presentation skills
- We will support collaboration when working on security goals & objectives
- Eligible to work in the US without sponsorship from a company
Nice to Haves:
- Substantial security certifications (CISSP, CISM, etc.)
- Understand GDPR, PCI and FedRAMP regulations and the protections afforded customers and employees
- Experience in any of the following: Security Operations Centers, Security Consulting, Incident Response, Architecture / systems engineering
Thank you for your interest in Splunk!
Splunk's Hiring Practices
Splunk turns machine data into answers. Organizations use market-leading Splunk solutions with machine learning to solve their toughest IT, Internet of Things and security challenges.
Individuals seeking employment at Splunk are considered without regards to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition (except where physical fitness is a valid occupational qualification), genetic information, veteran status, or any other consideration made unlawful by federal, state or local laws. Click here to review the US Department of Labor’s EEO is The Law notice. Please click here to review Splunk’s Affirmative Action Policy Statement.
Splunk does not discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Please click here to review Splunk’s Pay Transparency Nondiscrimination Provision.
For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.
Splunk is also committed to providing access to all individuals who are seeking information from our website. Any individual using assistive technology (such as a screen reader, Braille reader, etc.) who experiences difficulty accessing information on any part of Splunk’s website should send comments to [email protected]. Please include the nature of the accessibility problem and your e-mail or contact address. If the accessibility problem involves a particular page, the message should include the URL of that page.
Splunk doesn't accept unsolicited agency resumes and won't pay fees to any third-party agency or firm that doesn't have a signed agreement with Splunk.
To check on your application click here.