Security Engineer, Splunk Security CoE Operations
Role requires an on-call rotation in a 24x7 follow-the-sun model, one week per month
Remote or Hybrid schedule available
Meet The Team
This role will be part of the Splunk Security Center of Excellence team. You’ll get to collaborate with a passionate group of engineers and security professionals who are focused on continuously improving how we detect, respond to, and automate security operations. The team is deeply invested in improving the internal customer experience, building smarter automation, and increasing the resilience of the services that protect the organization. If you enjoy diving into complex technical challenges, optimizing systems, and building solutions that make security operations more efficient, this team provides the environment to do it. We’re a group that takes security seriously but also believes great work happens in a supportive and collaborative environment. We enjoy solving tough problems together, sharing knowledge, and having a good laugh along the way.
Your Impact
You’ll be responsible for developing, fixing, and debugging internal deployments of core Splunk technologies, including Splunk Cloud Platform and SOAR. Your work will directly impact the reliability and effectiveness of the systems that power our security operations. This is a hands-on opportunity to combine strong information security knowledge with software development principles to solve meaningful problems at scale.
- Ensure the steady-state operations of the Splunk products used by Splunk's in-house Security Operations team
- Work closely with the Splunk Global Security (SGS) teams to improve existing automation and search initiatives that deliver resilient solutions
- Tap into your expertise in all things Splunk to address issues
- Build and improve custom data onboarding scripts and add-ons for internal corporate tools and services
- Analyze internal metrics and workflows to reduce false positives and accurately focus engineering efforts
- Develop repeatable processes to build playbooks to efficiently resolve any incidents that arise
- Serve as initial support for internal customers and maintain high availability of playbooks
- Implement validated security strategies related to our team’s Linux-based and AWS-based infrastructure, Python code, and containerized services
Minimum Qualifications
- Bachelor’s Degree + 6 years of related experience
- Experience in Splunk and/or Splunk SOAR administration that supported cybersecurity or information technology teams
- Experience in tool integrations, CI/CD and REST APIs as well as software development experience with Python, Golang, JavaScript, or similar
- Experience with git and version control systems, like GitLab and/or GitHub
- Experience in Security Operations, SIEM, Incident Response, and/or Threat Intelligence
- Experience in Linux administration and Cloud Technologies, such as AWS
Preferred Qualifications
- Excellent communication skills, both verbal and written; able to explain intricate technical topics to varying groups
Why Cisco?
At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.
Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere.
We are Cisco, and our power starts with you.
Job Details
Experience
Senior · 6–6 yrs