An Interview with Jose Hernandez, Security Research Engineer

I guess you can say Jose Hernandez has done it all. From building an underwater submarine to building his own startup, he's a boomerang Splunker who is now back to help create and optimize analytics in our security products. Keep reading to learn more about his journey.

Q: Tell us about yourself. What is your name, which office location do you work out of, and how long have you been at Splunk?
A: My name is Jose Hernandez. I work remotely in Miami, Florida. This is my 2nd week the second time around. The first time I joined Splunk I was there for about a year and a half.

Q: What is your current role at Splunk and what does a typical day look like for you?
A: I am a principal security researcher. My typical day is either analyzing badness on the internet or writing tools/searches to capture that badness at Splunk.

Q: Why did you decide to join Splunk?
A: I was completely enamored by the product. I used to be a Splunk champion at my previous company, and it felt like a natural evolution for my career. I love data analytics and I love security. I was given a role where I got to do that for our biggest customers. Honestly, it’s the people and the product they make if I had to break it down to simple words.

Q: Why did you leave Splunk and what motivated you to return?
A: Before I joined Splunk the first time, I was at a company called Prolexic which got bought out by Akamai. And they provided DDos protection services to customers, which is now Akamai security. As a security architect at Prolexic, part of the team’s role was building security products among other things. When Akamai bought us, we knew we weren’t going to innovate in a lot of areas we wanted to because it wasn’t in line with their product strategy.

About a year and a half into Splunk, an old friend from Akamai contacted me and basically said “Look, we’re putting a thing together, we’re going to take all the ideas we had and build a company out of it.” And that’s how strongly we felt about it. I left Splunk to be co-founder at a startup with two other colleagues from Akamai, and after three years, Oracle ended up acquiring it. It was called Zenedge, and we offered web application firewall, DDos and bot mitigation as a cloud service. Soon after, I decided to return to Splunk and continue some of the security research left behind.

Q: What is an accomplishment at Splunk that you’re proud of?
A: I have a few but the one I’m most proud of is helping build this thing called Automatic Mitigation Framework, which is a tool that is built on top of Splunk Enterprise Security. Once something gets detected, the framework makes an API call to custom python deploy on Splunk forwarders that would automatically block the attack at the endpoint. I think that project, amongst many things, evolved into the Active Response Framework which was what Splunk was using until recently when they acquired Phantom. I was super proud of that.

Q: What are your hobbies and what can we find you doing outside of work?
A: Diving. In Florida, there are reefs right off the beach, if you want to drive and get a nicer view, the Keys are about 3 hours away. You can go to the Keys and there are amazing reefs there.

Q: Anything else you’d like to share that you haven’t shared already?
A: I built an underwater submarine. Long story short, I’m part of a local hacker community here called Hack Miami, and during one of our meetings...I don’t know if it was a dare or if we were just thinking of crazy ideas...but we tossed around the idea of building an underwater remote controlled submarine, and I was like “Okay! I’m going to give it a shot.” And after 2 months I built Sensor Sub. I got some funding from the city of Miami to put water sensors on it to test the water quality of Miami and capture that data to see which canals were livable.

As part of my master thesis I ran a public intelligence service based on the Collective Intelligence Framework (CIF). Ended up contributing to the project after my masters was done, build things like visualizations, support tools and improved code base.

In college, I used to work for the mayor. Setting up computer labs for city improvement projects for underdeveloped cities. That was fun giving back to the community.

At Splunk, we're committed to supporting individual career growth, even if that means leaving Splunk to pursue your dreams! We're proud of Jose’s accomplishments outside of Splunk and we are super excited to have him back. Want to learn more about what drew Jose back? Check out our Products Jobs at Splunk or visit Splunk Careers!

Tracy Edkins

Posted by


Show All Tags
Show Less Tags