Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!
Splunk is seeking a Principal Network Security Architect to join the Network Engineering & Security Team. The team is responsible for designing, building, securing, and maintaining Splunk’s global corporate and development infrastructure within Splunk’s cloud and on-prem networks.
The role will be to ensure the availability, stability, and integrity of Splunk’s network infrastructure services with a concentration on establishing a Zero Trust network platform. The architect will partner with Splunk Global Security to develop standardized reference architectures, create security guidelines, author documentation, define lifecycle and operational support models, and lead the implementation activities to deliver secure solutions.
The ideal candidate will have a solid foundation and experience in deploying and supporting a diverse range of environments, including large enterprise security infrastructure, multi-cloud network fabrics, highly available firewall designs, policy orchestration solutions, and management platforms.
Strong interpersonal skills will be critical for this position, as the architect will frequently interact with senior leadership and fellow architects. The architect will also assist leadership in defining the future technology vision and keep Splunk’s network secure and state-of-the-art.
- Assess the current architecture and work with the product leadership to layout the architectural roadmap for scale, security, and maintainability
- Determine security requirements by evaluating business strategies and information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, identifying integration issues, and preparing cost estimates.
- Establish Zero Trust network vision and manage all aspects of the design, implementation, and support in partnership with the Global Security Group.
- Develop solutions architecture and evaluate architectural alternatives for private, public, and hybrid cloud models.
- Create and document network security compliance standards, policies, and procedures.
- Self-starter to solve sophisticated problems related to high throughputs, latency, and reliability of global security infrastructure.
- Design and implement the optimal test strategy for our services.
- Design automation strategies to enhance the operational efficiency of security and remote access infrastructure globally.
- Mentor other engineers and continually raise the bar on security practices across the team and network organization.
- Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
- Plan security systems by evaluating network and security technologies; developing security requirements and standards for Public Clouds (AWS & GCP), local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices.
- Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.
- Enhances department and organization reputation by accepting ownership for accomplishing new and different requests and exploring opportunities to add value to job accomplishments.
- Bachelor's degree preferably in Computer Science, Information Technology, Management Information Systems, or equivalent years of experience.
- 12+ years of network & security engineering experience, supporting large global multi-vendor enterprise infrastructure.
- Proven experience in building multi-cloud network and security solutions.
- Proven experience in developing and building Zero Trust solutions.
- Proven experience in building distributed security systems and highly available services.
- Expert knowledge in network security concepts such as firewall, network segmentation, proxies, IPS/IDS, USER-ID, APP-ID, etc.
- Expert knowledge in routing, switching technologies, and protocols: MP-BGP, OSPF, VRF, VxLAN, EVPN, QoS, GRE, IP SEC, DNS, etc.
- Knowledge of identity and access concepts and technologies to secure production and corporate access, such as SSO and SAML.
- Mentor a small, high-impact, and hardworking security team.
- Lead the implementation and configuration of security solutions, working with vendors and professional services as needed.
- Review solution architecture and lead the implementation of security solutions and configurations.
- Experience with Palo Alto Networks, including the Panorama management platform required.
- Experience using network diagnosis and packet analysis tools.
- Strong verbal and written interpersonal and communication skills.
- Ability to work independently and troubleshoot problems with speed and efficiency.
- Ability to self-motivate and manage/prioritize competing tasks.
- Strong customer service skills.
- Attention to detail and accuracy.
- Ability to work after hours to support projects and maintenance activities.
We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.
For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.