Senior Application Security Engineer, CI/CD (US Remote Available)

Engineering San Jose, California Washington, D.C. Austin, Texas Atlanta, Georgia Charlotte, NC, North Carolina Houston, Texas Dallas, Texas Portland, Oregon Chicago, Illinois Los Angeles, CA, California San Diego, California Orlando, Florida Boulder, Colorado

Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!

Splunk’s IT-CICD team is responsible for enabling Development teams to move code faster and with less friction to production. This responsibility is supported by developing automated build and release pipelines, supporting testing frameworks, building artifact management services, and fast feedback systems. Whether it’s containers or VMs, we’re at the center of building and releasing code with our customers. The result is automated code delivery, fast time-to-market, and increased business value.

We are actively seeking an Application Security (AppSec) Engineer to join our team. You will be responsible for engaging with IT teams to ensure security is a first priority when developing services. You will also ensure we’re in lock step with Splunk’s larger security initiatives and develop our CICD security services. Engaging with other teams and communicating with stakeholders will be a regular part of the job. We’re looking for an individual who’s motivated by technology, enjoys automation, and problem-solving.


  • Development of Release Management strategies for various architectures; Zero Downtime Deployments, Blue-Green, Canary Releases, etc.
  • Design and implementation of security tooling within the SDLC
  • Evangelize secure coding practices
  • Perform gap analysis with IT customers
  • Build threat models around developer code bases and releases
  • Contribute to artifact build, release, and deploy pipeline integrations
  • Act as liaison with the greater Splunk security team
  • Build application integrations with Splunk's Observability toolings such as Splunk APM
  • Container, environment, and configuration management


  • Deep understanding of systems administration concepts
  • Solid experience with security tooling and best practices for implementation in development pipelines and infrastructure.
  • Experience with security event management, vulnerability management, intrusion detection, and threat management systems (Azure Sentinel, Splunk).
  • In depth experience with configuring continuous integration software in a globally distributed environment using tools like GitLab, CircleCi, Jenkins, A, Azure DevOps Pipelines, etc.
  • Solid experience with scripting languages such as Python, Ruby, or Golang
  • Proven expertise with container technology such as Docker, LXC, and Kubernetes
  • You have strong grasp of the SDLC
  • Solid understanding of cloud computing - AWS, GCE, Azure, etc.
  • Familiarity with progressive deployment models and developer feedback loops
  • Working knowledge of Networking concepts and their application in the cloud
  • And of course, a passion for security and release engineering!

What We Offer You: Wow, I want that.

  • A constant stream of new things for you to learn. We're always expanding into new areas, bringing in open source projects and contributing back, and exploring new technologies.
  • A set of extraordinarily hardworking, innovative, open, fun and dedicated peers, all the way from engineering and QA to product management and customer support.
  • Growth and mentorship. We believe in growing engineers through ownership and leadership opportunities. We also believe mentors help both sides of the equation.
  • A stable, collaborative and supportive work environment.

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.

(Colorado only*) Minimum base salary of $115,000.00. You may also be eligible for incentive pay + equity + benefits.*Note: Disclosure per sb19-085 (8-5-201 et seq).

Thank you for your interest in Splunk!