Security Architect - Cloud

Splunk   •  

San Francisco, CA

5 - 7 years

Posted 174 days ago

This job is no longer available.

Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!

Role:

The Splunk Cloud Security Architect reports to the Sr. Dir of Information Security and the role is based in San Francisco. This role works with our cloud business partners to ensure strategic alignment and security controls are in place to support our various business objectives. You will help define the cloud security architecture based on industry standards that support a highly dynamic, fast-paced, and diverse organization. We are a passionate team who has fun, enjoys a good laugh but above all else thinks security first.

Responsibilities:

  • You will define and publish the overall Splunk Cloud security strategy with the consensus from operational and business partners
  • You will research, evaluate, and recommend security technologies that can be applied to technology solutions being developed or maintained internally or externally
  • You will lead design of information security solutions using industry standard methodologies, regulatory guidelines, and corporate policy
  • You are technically seasoned to drive cyber solutions from discovery/inception to sustainable programs
  • You will participate in cross-domain, multi-functional matrix project teams to implement solutions in a highly collaborative manner
  • You will also participate in risk analysis and mitigation activities
  • You will expertly handle multiple simultaneous tasks, providing consistent record of all activities, while handling confidential work with discretion
  • You will conduct security assessments for projects, hold security reviews against internal or external solutions that are in process of being created or maintained
  • You will collaborate with the field team, customer support teams and existing/new customers to resolve needs and answer questions about our service offerings
  • You will work closely with the operations team and external auditors to develop best security practices balancing usability with security
  • You will also partner with the legal and security operations compliance manager to create, maintain, and communicate policies required for security, information sharing, and use of computing infrastructure
  • You will develop deep expertise in using Splunk to analyze various data sources for anomalies from a security perspective
  • Speak publicly about Splunk’s security products, internal use of those products and related strategies for standard methodology enterprise security
  • You truly enjoy the challenge of solving a difficult technical problem gracefully

Requirements:

  • You have 5+ years of experience as an information security architect
  • You have 5+ years of experience working in or directly with a cyber incident response team
  • You have 5+ years of experience in a medium to large sized IT organization, preferably with enterprise software product companies
  • In-depth knowledge of infrastructure security concepts including network devices, firewalls, intrusion detection/prevention systems, identity services, web applications, encryption, forensic analysis, penetration/vulnerability tools, linux/windows/osx, virtualization, desktop/laptop and mobile devices
  • Knowledge of modern vulnerability threats including intelligence, discovery, mitigation, remediation and root cause
  • Strong working knowledge of IT concepts including disaster recovery, business continuity, task organization, high availability, role segregation, role engineering and security-centric QA
  • Development languages including python, java and some form of shell scripting
  • Authority in information policy formation, information security management, business risk management
  • You are self-directed, with the ability to work alone or in teams, with minimal oversight, driving positive results in difficult circumstances while maintaining attention to detail
  • Working knowledge of IT and public cloud regulatory compliance and audit frameworks including ISO, SOX, NIST, SSAE, HIPAA, PCI, and FedRAMP
  • You can maintain an exceptional level of documentation including diagrams, security standards, manuals, and project papers
  • You hold a strong ability to effectively engage and communicate as directed with a variety of audiences both technical and non-technical staff
  • You are able to explain complex systems and technical topics to others who may have minimal technical knowledge using oral, written and visual presentations
  • Working experience and knowledge of data protection policies, procedures and products, privacy rules & regulations, data security, encryption, digital rights management, data loss prevention
  • Fosters and builds a collaborative working relationship with operational and business partners
  • Bachelor’s degree in computer science, information systems business administration or related discipline is required
  • Must be eligible to work in the United States without company sponsorship