Join us as we pursue our disruptive new vision to enable the world to turn data into doing. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most significantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!
Our Security Strategist team is a global-level group within the Field Solutions and Strategists at Splunk, and we provide expert assistance to our field teams in the subject area of Information Security. In this role you will focus mainly on envisioning, building, and maintaining field-driven, security focused content for use by our customers and partners. Some of these solutions will eventually become part of our official product offerings. While this role will focus on leading a team that focuses on delivery of new field solutions, each individual on our team contributes in a number of other functional areas. These include Splunk security evangelism, technical enablement, and working directly with Splunk customers and prospects to implement sophisticated security use cases. You will work cross-functionally, supporting sales, sales engineering, customer success, partners, Security marketing, and Security product management, among others.
This global role can be located anywhere in the U.S. near a Splunk office. At least 20% travel should be expected when it is safe to do so. You will be building solutions for use across all of our customers and partners, globally.
This role is very much a “player-coach” type of role: The successful candidate will not only be able to lead a team delivering security solutions, but will also dig in and write code along with the team on a regular basis.
+ Participate with other Security leaders at Splunk to help make important decisions about the future of our security products.
+ Represent the Global Security Strategists within meetings with other functions, and on “all-hands” type presentations.
+ Gather, report, analyze performance metrics across team members and the team as a whole, focusing on business impact, individuals enabled, solutions downloaded, etc.
+ Hire the right individuals to continue our expansion and fit into our culture.
+ Handle the day-to-day aspects of running the team including team meetings, 1:1 meetings, and maintaining/enhancing career development paths for team members.
+ Provide expert industry knowledge in a meeting with customer execs.
+ You are also expected to mentor your team in the following types of activities, and occasionally perform them yourself:
+ Write code to onboard or manipulate a particularly interesting security-relevant data source, or to build an entire add-on or improvement to our core or premium products.
+ Co-author an immersive hands-on workshop to teach our customers about insider threat, adversary hunting, or other popular topics.
+ Work with an external or internal partner to up level their app or technical add on and build parts of our next-generation CTF and workshop platform.
+ Provide expert industry knowledge internally to Splunk security-minded teams.
+ Help a technical sales resource execute a specific portion of a particularly challenging evaluation, with your hands on the keyboard.
+ Present at an external security conference or an internal event on a Splunk-relevant topic.
+ Contribute a blog post to our external blog site detailing solutions that have been built by you.
+ Craft a deep-dive workshop with customers to evaluate their various compliance needs, SOC maturity, or efficiency in using our products.
+ Help craft the direction of Splunk’s security business through decisions about organic product roadmap or inorganic acquisition.
+ File enhancement or bug reports about issues you have found in our products.
These are just a few examples – but representative of our typical cadence! A flexible and creative approach is absolutely required in this position. You will be expected to give team members guidance and support, and run interference for them as needed, but there should be very little need to hand-hold team members day-to-day.
Eight+ years of experience within the security industry, preferably as a practitioner, but a track record of success with a security or security-focused vendor is acceptable. Deep experience with the following are mandatory: Splunk core technology, recent hands-on integrating popular security solutions and moderate to expert level Python skill and web development.
+ Strong executive level presence and polish both internally and externally.
+ Demonstrated leadership of cross-functional teams tasked with full lifecycle support.
+ Up-to-date understanding of current trends in the security market.
+ Familiarity with modern SDLC methodologies (version control using git, CI/CD pipelines, application security standard methodologies) DevSecOps practitioner a plus.
+ Familiarity with cloud-native serverless architectures.
+ Expert understanding of a particular security related subject area, like APT, fraud, endpoint, compliance frameworks, etc.
+ Familiarity with common security data sources and their use for basic and advanced detection methods, including Cloud-based data sources and products and their purposes in supporting risk reduction in an organization.
+ Familiarity with competing SIEM and UEBA technologies, and with complementary technologies to Splunk.
+ Familiarity with SOAR solutions and how to develop code appropriate for them.
+ Experience with industry frameworks like ATT&CK, CIS20, LMKC.
+ CISSP, GCIH, GSEC, GCIA or equivalent experience.
+ Portfolio of public-facing materials: repositories, whitepapers, blogs, presentations, training materials that you have authored.
+ Ability to communicate concisely and accurately with no fear of public speaking to audiences large and small.
+ Ability to work remotely and across multiple time zones with a minimum of daily supervision. Self-starter is absolutely essential.
+ Ability to travel 20% within the US and Canada.
+ Bachelor’s degree in something related to technology, Masters or equivalent a plus.
We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which you are applying.
Splunk was founded to pursue a disruptive new vision: make machine data accessible, usable and valuable to everyone. Machine data is one of the fastest growing and most complex areas of big data—generated by every component of IT infrastructures, applications, mobile phone location data, website clickstreams, social data, sensors, RFID and much more.
Splunk is focused specifically on the challenges and opportunity of taking massive amounts of machine data, and providing powerful insights from that data. IT insights. Security insights. Business insights. It’s what we call Operational Intelligence.
Since shipping its software in 2006, Splunk now has over 13,000 customers in more than 110 countries around the world. These organizations are using Splunk to harness the power of their machine data to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce costs. Innovation is in our DNA – from technology to the way we do business. Splunk is the platform for Operational Intelligence!
Splunk has more than 2,700 global employees, with headquarters in San Francisco, an office in San Jose, CA and regional headquarters in London and Hong Kong.
We’ve built a phenomenal foundation for success with a proven leadership team, highly passionate employees and unique patented software. We invite you to help us continue our drive to define a new industry and become part of an innovative, and disruptive software company.
Benefits & Perks: Wow! This is really cool!
Medical, full company paid Dental, Vision and Life Insurance, Flexible Spending and Dependent Care Accounts, Commuter Accounts, Employee Stock Purchase Plan (ESPP), 401(k), 3 weeks of PTO, sick leave, stocked micro kitchens in Splunk offices, catered lunches on Mondays, catered breakfast on Fridays, basketball hoops, ping pong, arcade games, BBQ’s, soccer, “Fun Fridays”.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Medical, full company paid Dental, Vision and Life Insurance, Flexible Spending and Dependent Care Accounts, Commuter Accounts, Employee Stock Purchase Plan (ESPP), 401(k), 3 weeks of PTO and sick leave. Our work environments vary by location however we believe in hosting amenities and fun activities to fuel our energy. You may find fully stocked micro kitchens, catered lunches on Mondays and breakfast on Fridays, basketball hoops, ping pong, arcade games, BBQ’s, soccer and “Fun Fridays”.
This isn’t a job – it’s a life changer – are you ready?
Individuals seeking employment at Splunk are considered without regards to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition (except where physical fitness is a valid occupational qualification), genetic information, veteran status, or any other consideration made unlawful by federal, state or local laws. Click here to review the US Department of Labor’s EEO is The Law notice. Please click here to review Splunk’s Affirmative Action Policy Statement.
Splunk does not discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Please click here to review Splunk’s Pay Transparency Nondiscrimination Provision.
Splunk is also committed to providing access to all individuals who are seeking information from our website. Any individual using assistive technology (such as a screen reader, Braille reader, etc.) who experiences difficulty accessing information on any part of Splunk’s website should send comments to email@example.com. Please include the nature of the accessibility problem and your e-mail or contact address. If the accessibility problem involves a particular page, the message should include the URL of that page.
Splunk doesn't accept unsolicited agency resumes and won't pay fees to any third-party agency or firm that doesn't have a signed agreement with Splunk.
To check on your application click here.