Senior Security Research Engineer

Splunk - San Francisco, CA4.1

Full-timeEstimated: $91,000 - $130,000 a year
EducationSkills
Principal Security Research Engineer

Job Summary

Splunk Security Research is committed to delivering actionable intelligence to Splunk's customers. We are looking for a Principal Security Research Engineer to join our growing team. You will be working on developing new tools/techniques to aid security operators for analysing threats, crafting and releasing detection, investigation and response techniques for multiple Splunk products. You will have a hand in mentoring and growing team members. You will work closely with Splunk teams across multiple product areas; data scientists, product managers and engineers to influence the development of new capabilities for Splunk software and to enable the research team to leverage the best of Splunk. You will contribute to the development and implementation of security tools, machine learning models, infrastructure as code, and security content. This position requires development experience, along with DevOps tools, machine learning, analyzing large data sets and development of automation techniques. This individual must also have knowledge and experience in various information security detection and monitoring tools with an understanding of what they provide and how they contribute to an effective security program.

Job Responsibilities
Lead team initiatives, improvements and extend company wide impact of the research team
Research attacks against on-prem and cloud, technologies and deployments
Development of security content for detection, investigation, and response
Develop and execute growing attacks commonly used in the wild
Analyze data sources, technologies and determine suitability for detection and response
Real passion for contributions to the security community in the form of speaking submissions, patent filings, external/internal papers and presentations
Prototype new detection techniques, workflows and automation for security operations
Job Requirements
Experience in leading or influencing groundbreaking projects
Passionate about mentoring highly motivated junior team members
Experience in a security research or DFIR role
Experience with Splunk Enterprise
Deep understanding of common threats, their detection, investigation and response
Deep knowledge of at least one major operating system and packet analysis tools is a huge plus
Familiar with cloud technologies, Docker, K8s, Vagrant/Terraform and CI/CD experience
Proven public speaking at security conferences and take pride in published papers, patents

6+ years of experience, with a Master’s or PhD in Computer Science with systems specialization a plus

Desirable
Experience in developing analytics and detections (Snort, Suricata, Splunk, ML)
Experience with Machine Learning technologies and feature engineering
Ability to develop complex projects (web applications, API for example)

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records