Now hiring

Security Engineer, Splunk Security CoE Operations @ Cisco

Heredia, Heredia, Costa RicaOnsiteFull-timePosted 24 days ago

Opens on the employer's site

About this role

Role requires on call rotation, 24x7 follow the sun model, one week per month

Remote or Hybrid schedule available

Meet The Team

This role will be part of the Splunk Security Center of Excellence team. You’ll get to collaborate with a passionate group of engineers and security professionals who are focused on continuously improving how we detect, respond to, and automate security operations. The team is deeply invested in improving the internal customer experience, building smarter automation, and increasing the resilience of the services that protect the organization. If you enjoy diving into complex technical challenges, optimizing systems, and building solutions that make security operations more efficient, this team provides the environment to do it. We’re a group that takes security seriously but also believes great work happens in a supportive and collaborative environment. We enjoy solving tough problems together, sharing knowledge, and having a good laugh along the way.

Your Impact

You’ll be responsible for developing, fixing, and debugging internal deployments of core Splunk technologies, including Splunk Cloud Platform and SOAR. Your work will directly impact the reliability and effectiveness of the systems that power our security operations. This is a hands-on opportunity to combine strong information security knowledge with software development principles to solve meaningful problems at scale.

• Ensure the steady-state operations of the Splunk products used by Splunk's in-house Security Operations team

• Work closely with the Splunk Global Security (SGS) teams to improve existing automation and search initiatives that deliver resilient solutions

• Tap into your expertise of all things Splunk to address issues

• Build and improve custom data onboarding scripts and add-ons for internal corporate tools and services

• Analyze internal metrics and workflows to reduce false positives and accurately focus engineering efforts

• Develop repeatable processes to build playbooks to efficiently resolve any incidents that arise

• Serve as initial support for internal customers and maintain high availability of playbooks.

• Implement validated security strategies related to our team’s Linux-based and AWS-based infrastructure, Python code, and containerized services

Minimum Qualifications

• Bachelor’s Degree + 6 years of related experience

• Experience in Splunk and/or Splunk SOAR administration that supported cybersecurity or information technology teams

• Experience in tool integrations, CI/CD and REST APIs as well as software development experience with Python, Golang, JavaScript, or similar

• Experience with git and version control systems, like GitLab and/or GitHub

• Experience in Security Operations, SIEM, Incident Response, and/or Threat Intelligence

• Experience in Linux administration and Cloud Technologies, such as AWS

Preferred Qualifications

• Excellent communication skills, both verbal and written; able to explain intricate technical topics to varying groups

Why Cisco? At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you.

Skills

security architecturerisk assessmentsecurity software engineeringthreat detection engineeringsplunk soarpython automationlinux system administrationsecurity code reviewazure kubernetes serviceaws cloud infrastructureterraformsecurity assessmentscloud securitycybersecurity incident responsesplunk administration

Ready to apply?

Install the ResuMinder extension and we'll auto-fill the application in seconds — no rewriting.

Get the extension →
See how your CV scores