Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best place to work. If you become a Splunker, we want your whole, authentic self, what we call your "million data points". So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you.
Role Summary
If you thrive on leading and scaling security teams to keep up with a rapidly growing business, and empowering development teams to build security into every product we ship, we want to talk to you. Splunk has a growing portfolio of products and are simultaneously embarking on a journey to “Cloud First” delivery of all our services, so it is critical that we have effective processes to identify, fix, and prevent security defects in all our products.
We are looking for a Manager to lead our Application Security team tasked with raising the security bar across every Splunk product. The responsibilities of this team include penetration testing, security reviews, vulnerability triage and risk management, delivering security training to our development community, and partnering with our Security Automation team to “shift left” with security. This role presents the opportunity to build and grow a team of highly skilled security engineers who interact and collaborate with a large number of developers, architects, and product managers across the company.
As the leader of the team, you are responsible for mentoring, and developing the careers of each team member, and focusing the team’s resources on the areas that best improve the company’s security posture, decrease security risk, and protect our customers and their data.
You will be part of an organization that, beyond reviewing, testing, and hardening Splunk products, invests heavily in a sophisticated culture of security products across the organization. Application Security is complex and context-specific and, as such, requires every member of the organization to understand how security is achieved in their area. Splunk is a fast-growing, dynamic environment where priorities can shift quickly. In order to succeed, you should have the ability to boldly prioritize, communicate with clarity, and be committed to empowering your team and the teams we support to carry out the mission collectively.
What you'll get to do
- Hire, mentor, and guide direct reports, help them work through challenges, and facilitate their career development
- Coordinate and lead independent work streams, and provide synchronization across the full team
- Establish a short and long term roadmap for the team, and complete the roadmap
- Build critical metrics to measure success SDLC control coverage, rate of discovery, resolution time for findings, etc.
- Plan out application penetration testing
- Work closely with developers and architects to identify security issues early in the development cycle
- Collaborate with other teams to solve security problems with minimal disruption to other business functions
- Continuous process improvement introducing new tools, technologies, and practices to help the team scale
- Promote a Paved Road approach to security across the products organization, providing all the resources to secure products with minimal friction
Must-have Qualifications
- Bachelor's Degree in computer science or related field and 8+ years of experience in product security in an agile environment
- Deep knowledge of security best practices, including threat modeling, penetration testing, and risk analysis
- Experience building and securing services in both on-premise and public cloud environments
- Proven track record to hire and develop security engineering talent
- Experience leading a distributed team working on multiple concurrent work streams, and including remote workers
- Understanding of Agile/Scrum methodologies
- Excellent verbal and written communication skills
Nice-to-have Qualifications
We’ve taken special care to separate the must-have qualifications from the nice-to-haves. “Nice-to-have” means just that Nice. To. Have. So, don’t worry if you can’t check off every box. We’re not hiring a list of bullet points–we’re interested in the whole you.
- Contributions to the security community research papers, conference talks, open source, etc.
- Experience with application security for SaaS products
- Experience collaborating with compliance, privacy, legal, and customer support teams
Splunk is an Equal Opportunity Employer
At Splunk, we believe creating a culture of belonging isn’t just the right thing to do; it’s also the smart thing. We prioritize diversity, equity, inclusion, and belonging to ensure our employees are supported to bring their best, most authentic selves to work where they can thrive. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.
Note
Base Pay Range
SF Bay Area, Seattle Metro, and New York City Metro Area
Base Pay Range $159,200.00 - 218,900.00 per year
California (excludes SF Bay Area), Washington (excludes Seattle Metro), Washington DC Metro, and Massachusetts
Base Pay Range $143,280.00 - 197,010.00 per year
All other cities and states excluding California, Washington, Massachusetts, New York City Metro Area and Washington DC Metro Area.
Base Pay Range $127,360.00 - 175,120.00 per year
Splunk provides flexibility and choice in the working arrangement for most roles, including remote and/or in-office roles. We have a market-based pay structure which varies by location. Please note that the base pay range is a guideline and for candidates who receive an offer, the base pay will vary based on factors such as work location as set out above, as well as the knowledge, skills and experience of the candidate.
In addition to base pay, this role is eligible for incentive compensation and may be eligible for equity or long-term cash awards.
Benefits are an important part of Splunk's Total Rewards package. This role is eligible for a competitive benefits package which includes medical, dental, vision, a 401(k) plan and match, paid time off and much more! Learn more about our comprehensive benefits and wellbeing offering at https //splunkbenefits.com.