Product Security Engineer, PSIRT

We have a disruptive new vision to make machine data accessible, usable, and valuable to everyone. Our engineers are passionate about our products and our customers demand more of it. At Splunk, we’re committed to our people, customers and having fun at work! Splunk is an industry leader in the “Data to Everything” platform and is well-positioned to extend the lead with our bold new vision.

Splunk’s Product Security Incident Response Team (PSIRT) is seeking a highly talented and motivated security engineer to help drive our vulnerability and risk management functions, and raise the security bar for every product in our portfolio. The PSIRT team works across the entire organization and the work is highly visible and impactful. Escalations come in from many directions, including enterprise customers, internal discoveries, and the security research community, so it is important that you are organized and can work calmly under pressure.

In this role, you will analyze security vulnerabilities and help define remediation strategies, communicate with customers and security researchers, and work cross-functionally with other internal stakeholder groups to drive resolution of security issues.

Responsibilities

• Verify security bug reports and perform root cause analysis and variant analysis
• Triage security issues to determine affected Splunk products and version
• Investigate, track and drive remediation for open source vulnerabilities
• Work closely with product management and engineering teams to drive issues to closure
• Actively hunt for bugs in Splunk products through manual testing and automated tools like static and dynamic analyzers
• Communicate with external researchers, reporting organizations, and customers to convey status and maintain ongoing collaboration
• Write and publish security advisories
• Continually improve processes used to identify and fix product security issues

Requirements

• 2+ years of Application Security or Information Security experience
• Experience working in a CSIRT, CIRT, or PSIRT functions
• BA/BS in computer science, a related discipline, or equivalent work experience
• Strong understanding of OWASP Top 10
• Experience with application security tools, such as static analysis, dynamic analysis, vulnerability scanners, intercepting proxies, etc.
• Familiar with both Windows and Linux operating systems
• Comfortable reading and writing code in at least one of: C++, Javascript, Python, Go
• Excellent verbal and written communication skills

Preferred Qualifications

• Contributions to the security community: research papers, conference talks, open source, etc.
• Relevant information security certifications, such as GCIH, ECIH, GPEN, OSCP, etc.
• Experience deploying services in AWS or GCP
• Experience working with security researchers or bug bounty programs