Technical Security Program Manager - Incident Response (US Remote Available)

Security and Risk Management San Francisco, California Austin, Texas Seattle, Washington McLean, Virginia San Jose, California Boulder, Colorado

Join us as we pursue our ground-breaking new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!


Splunk is the leader in big data, machine learning analytics with a significant presence in the cyber security market. We are seeking a Technical Security Program Manager to join our internal cyber Incident Response team. In this role you will provide operational support and help develop and execute a strategy to optimize the investigation, containment, remediation and communication of critical cyber security incidents. You will also form and lead pre-planned, larger projects to support the overarching mission of the Splunk Global Security team as we aim to become a positive influence on the security posture of Splunk as a whole.

The key to your success lies in your ability to quickly reprioritize longer-term projects as incidents arise, partnering with key stakeholders and intra-function coordination. Understanding core requirements as many moving parts change will be critical to delivering and maintaining solutions as part of the Splunk Global Security team.


IR & Forensics
  • Determine key metrics for reporting on the health and efficiency of the Incident Response and Forensic services
  • Identify trends from Incident Response and Forensic data to raise up security opportunities across Splunk
  • Build JIRA and Splunk dashboards to clearly advise stakeholders on current Incident Response and Forensic activities
  • Track longer term remediation items identified from incidents and ensure they are followed through to completion
  • Work across teams to identify and enhance the Incident Response and Forensic service’s process, tooling, documentation and offerings
Program Management
  • Help guide the creation of quarterly and yearly OKRs and roadmap for the team
  • Deliver longer-term projects while prioritizing against shorter-term Incident Response mitigation tasks
  • Define requirements, roles, responsibilities and timelines for multi-quarter, multi-team cyber security related projects
  • Be the spokesperson and champion of the projects you lead
  • Build, foster and manage relationships across teams, key stakeholders and Splunkers to drive mutual security initiatives across Splunk
  • Financial management of delivery that includes communicating operational budget requirements for department level planning, associated procurement activities, and meeting quarterly and annual budget expectations


  • 5+ years of experience in IT project management and/or cyber security with a B.A./B.S. or equivalent work experience
  • Agile and Scrum methodology experience
  • Demonstrated experience with tracking tools such as: JIRA, Smartsheets, Lucidchart, ServiceNow, Splunk
  • Excellent communication and presentation skills
  • Strong cyber security knowledge in one of the following areas: Incident Response and Detection, Digital Forensics, Risk Management, Security Architecture, Threat and Vulnerability Management
  • Experience with service/process creation, design and maintenance
  • You are eligible to work in the United States without company sponsorship

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.

Thank you for your interest in Splunk!