Principal Compliance Engineer - Security Platform

Engineering San Jose, California San Francisco, California


Join us as we pursue our disruptive new vision to make machine data accessible, usable, and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun, and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!

Do you enjoy building large scale applications that are powered by huge data sets? Are you passionate about working on products that make a difference for your customers? Do you value working in an environment where you're empowered to drive and make key technical decisions across a full stack of technologies? If so, a role on Splunk's Mission Control team might be a great fit for you.

Team

Be part of our journey as we reinvent security operations, and help enterprises say goodbye to “swivel chair security.” Splunk® Mission Control is a unified cloud-based platform that brings together security data, analytics and operations under one common work surface where security teams can holistically detect, manage, investigate, hunt, contain and remediate threats — all from one place — resulting in faster, more efficient and more effective security operations.

We are looking for creative problem solvers with a passion for scalable cloud-native distributed systems. As a member of the Mission Control engineering team you will evolve the backend services that power our unified security operations platform.

Role

As a compliance engineer within the enterprise applications organization, you will help evolve the architecture and design of our platform as we implement, assess and monitor security controls across our cloud-based products. You will define the future by navigating and interpreting complex regulatory frameworks such as SOC2, FedRAMP, HIPAA/PCI, working closely with many teams across the organization shaping these controls and championing security risk management early during the software development lifecycle. You will bring creativity and passion as you provide technical guidance to our engineering teams as a compliance expert.

Working directly with customers is one of our core values. You'll be able to meet customers, build empathy towards their experiences, get a first-person view of the state of the art Security Operations Centers, and collaborate with product management to define and craft new products that streamline analysts' investigations.

If staying technically challenged and learning from others is meaningful to you, you'll love our internal technical seminars and regular, company-wide hackathons. Along the way, you will become proficient in Splunk's Search Processing Language (SPL) which will empower you to explore large data sets and to take on endless types of problems.

Responsibilities

  • Be a compliance expert, provide guidance to engineering and lead all aspects of security control implementation early during the software development lifecycle.
  • Interpret and shape security control implementation across our products based on compliance standards such as SOC2, FedRAMP, HIPAA/PCI..
  • Partner with leaders from architecture, eng management, and product management on project requirements, designs, and development plans.
  • Lead continuous monitoring activities to support compliance, facilitate and verify evidence and artifacts.
  • Help identify and develop ways to improve our team's efficiency by expanding on our existing tools and processes.
  • Achieve a deep knowledge of our product architecture, usage patterns, and real-world deployment scenarios..
  • Become well versed in core Splunk technologies as they apply to application development.
  • Mentor junior engineers and interns as they develop their skills.

Requirements

  • 12+ years of engineering experience.
  • Experience implementing compliance controls such as SOC2, FedRAMP, HIPAA/PCI.
  • Solid understanding of how to successfully operate controls in real-world distributed systems at scale on different cloud platforms.
  • Knowledge of technical excellence and reliable standards related to security, performance and disaster recovery.
  • Comfortable with orchestration and cloud stack and technologies like k8s.
  • System administration and monitoring skills.
  • Good understanding of the SDLC ranging from architectural reviews, technical design deep dives, implementation, testing, continuous integration and continuous deployment.
  • Familiarity with A/B testing, blue-green environments and canary deployments.
  • Experience with Python, Golang, Django or similar backend application development frameworks.
  • Working knowledge of SQL and NoSQL database technologies at scale.
  • Demonstrated ability to learn new technologies quickly.
  • Strong verbal and written communication skills.

What We Offer You

  • A constant stream of new things for you to learn. We're always expanding into new areas, bringing in open source projects and contributing back, and exploring new technologies.
  • A set of exceptionally talented and dedicated peers, all the way from engineering and QA to product management and customer support.
  • Growth and mentorship. We believe in growing engineers through ownership and leadership opportunities.
  • A stable, collaborative, and supportive work environment.

Qualifications

  • Requires a minimum of 12 years of related experience with a technical Bachelor’s degree; or equivalent practical experience or 8 years and a technical Master’s degree; or a Ph.D. with 5 years experience; or equivalent practical experience.

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.

Thank you for your interest in Splunk!