Splunk’s Product Security Incident Response Team (PSIRT) is seeking a highly talented and motivated security engineer to help drive our vulnerability and risk management functions, and raise the security bar for every product in our portfolio. The PSIRT team works across the entire organization and the work is highly visible and impactful. Escalations come in from many directions, including enterprise customers, internal discoveries, and the security research community, so it is important that you are organized and can work calmly under pressure.
In this role, you will analyze security vulnerabilities and help define remediation strategies, communicate with customers and security researchers, and work cross-functionally with other internal stakeholder groups to drive resolution of security issues.
- Verify security bug reports and perform root cause analysis and variant analysis
- Triage security issues to determine affected Splunk products and versions
- Investigate, track and drive remediation for open source vulnerabilities
- Work closely with product management and engineering teams to drive issues to closure
- Actively hunt for bugs in Splunk products through manual testing and automated tools like static and dynamic analyzers
- Communicate with external researchers, reporting organizations, and customers to convey status and maintain ongoing collaboration
- Write and publish security advisories
- Continually improve processes used to identify and fix product security issues
- 2+ years of Application Security or Information Security experience
- Experience working in a CSIRT, CIRT, or PSIRT function
- BA/BS in computer science, a related discipline, or equivalent work experience
- Strong understanding of OWASP Top 10
- Experience with application security tools, such as static analysis, dynamic analysis, vulnerability scanners, intercepting proxies, etc.
- Familiar with both Windows and Linux operating systems
- Excellent verbal and written communication skills
- Contributions to the security community: research papers, conference talks, open source, etc.
- Relevant information security certifications, such as GCIH, ECIH, GPEN, OSCP, etc.
- Experience deploying services in AWS or GCP
- Experience working with security researchers or bug bounty programs