Splunk Incident Response Analyst (US Remote Available) in Plano, Texas

[ad_1] Join us as we pursue our vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun, and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey! Role: The Splunk Threat Response Incident Response Analyst works with the Security Operations Center Shift Lead, aligned with our United States-based shifts. The role is located in Costa Rica. In this role, you will be responsible for supporting our response to cyber security threats. You will also contribute to a variety of supporting security operations projects, including automation, detection creation, threat hunting, and more. You will have a foundational understanding of Information Security and Information Technology principles and disciplines coupled with excellent communications skills and a continuous desire to learn and grow. We are a passionate team who has fun, enjoys a good laugh, but above all else thinks security first. Responsibilities: • Perform various tasks required to support the 24×7 operation helping to improve documentation, building processes, and enrichment of security events within the Splunk Enterprise Security platform. This is a shift-based 4 days per week, 10-hour shift position. • Contribute to new and ongoing security projects across automation, threat hunting, and detection creation and tuning • Improve the quality of searches to enrich data with critical information. • Gather evidence to support the organization’s compliance and control monitoring responsibilities • Review and update existing runbooks to ensure optimal and efficient response actions • Assist in the development of new searches to find malicious activity in the Splunk environment • Validate existing data sources meet data quality standards Requirements: • Two to five years of experience working in a Security Operations Center or equivalent environment • Foundational knowledge of security related technologies including firewalls, intrusion detection systems and endpoint security tools • Foundational knowledge of TCP/IP protocols, network analysis, and the OSI framework • Foundational knowledge of endpoint and server systems administration • Foundational knowledge of Cloud technologies • Foundational proficiency in Python and Go, with additional knowledge of PowerShell and Bash preferred • Ability to multitask, prioritize and take-charge • Willingness and desire to think outside of the box for creative solutions to problems with the moxie to follow-through • Excellent interpersonal skills • Good attention to detail We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying. Note: Base Pay Range SF Bay Area, Seattle Metro, and New York City Metro Area Base Pay Range: $125,600.00 – 172,700.00 per year California (excludes SF Bay Area), Washington (excludes Seattle Metro), Washington DC Metro, and Massachusetts Base Pay Range: $112,000.00 – 154,000.00 per year All other cities and states excluding California, Washington, Massachusetts, New York City Metro Area and Washington DC Metro Area. Base Pay Range: $104,000.00 – 143,000.00 per year Splunk provides flexibility and choice in the working arrangement for most roles, including remote and/or in-office roles. We have a market-based pay structure which varies by location. Please note that the base pay range is a guideline and for candidates who receive an offer, the base pay will vary based on factors such as work location as set out above, as well as the knowledge, skills and experience of the candidate. In addition to base pay, this role is eligible for incentive compensation and may be eligible for equity or long-term cash awards. Benefits are an important part of Splunk’s Total Rewards package. This role is eligible for a competitive benefits package which includes medical, dental, vision, a 401(k) plan and match, paid time off and much more! Learn more about our comprehensive benefits and wellbeing offering at https://splunkbenefits.com . [ad_2] Apply tot his job Apply To this Job