Security and Risk Management

San Jose, Costa Rica

- Hybrid Remote

Apply Now

Splunk, a Cisco company, is building a safer and more resilient digital world with an end-to-end full stack platform made for a hybrid, multi-cloud world. Leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. Our customers love our technology, but it's our caring employees that make Splunk stand out as an amazing career destination. No matter where in the world or what level of the organization, we approach our work with kindness. So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you. Come help organizations be their best, while you reach new heights with a team that has your back.

Role Summary

Are you passionate about tackling sophisticated, high-impact security challenges at scale? Join our dynamic Software Security Engineering team and work alongside product development teams to embed ground breaking secure software practices across the entire Splunk product portfolio. In this role, you'll dive deep into identifying evolving vulnerability patterns, analyze real-world attack tactics, and craft innovative security solutions that safeguard Splunk’s industry-leading products. Collaborating with Product Security, Risk, and Compliance teams, you’ll play a pivotal role in ensuring Splunk not only meets but exceeds new policy and regulatory requirements. Get ready to make a tangible impact on the future of security at Splunk!

Meet the Global Security Team

Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best place to work. If you become a Splunker, we want your whole, authentic self, what we call your "million data points". So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you.

What you'll get to do

Analyze and Innovate: Identify emerging code vulnerability trends and research real-world attack patterns to stay ahead of evolving security threats.
Develop Cutting-Edge Solutions: Design and implement sophisticated security mechanisms that protect Splunk’s products from vulnerabilities and attacks.
Collaborate Across Teams: Work closely with Product Development, Product Security, Risk, and Compliance teams to ensure security is woven into every phase of the software development lifecycle.
Shape Security Strategy: Contribute to crafting Splunk’s security strategy by integrating secure coding standards and vulnerability management into the product pipeline.
Drive Regulatory Excellence: Ensure Splunk remains proactive and aligned with the latest policy and regulatory requirements.

Must-have Qualifications

5 years in software security, with a deep understanding of secure coding practices, vulnerability management, and common security flaws (e.g., OWASP Top 10).
5 years of programming in languages such as Python, Java, C++, or Go, and the ability to identify and remediate security issues in code.
Strong understanding of risk management principles and popular regulatory requirements (e.g., FEDRAMP, HIPAA, SOC 2) and how they impact security and software development.
Analytical and problem-solving abilities to address sophisticated security challenges at scale.
Bachelors degree in Computer Science, Security, or equivalent work experience.

Nice-to-have Qualifications

We’ve taken special care to separate the must-have qualifications from the nice-to-haves. “Nice-to-have” means just that: Nice. To. Have. So, don’t worry if you can’t check off every box. We’re not hiring a list of bullet points–we’re interested in the whole you.

Familiarity with threat modeling techniques.
Experience implementing security tooling and automation within software build pipelines.
Proven track record to work effectively in cross-functional teams to implement security practices.
Security certifications such as CompTIA Security+ or GIAC Security Essentials.

Splunk is an Equal Opportunity Employer

Splunk, a Cisco company, is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

Note:

Apply Now

Explore open roles >

Splunk's Hiring Practices

^{Splunk turns machine data into answers. Organizations use market-leading Splunk solutions with machine learning to solve their toughest IT, Internet of Things and security challenges.}

^{We value diversity, equity, and inclusion at Splunk and are committed to equal employment opportunity. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements. Click here to review the US Department of Labor’s EEO is The Law notice. Please click here to review Splunk’s Affirmative Action Policy Statement. If you need assistance or an accommodation to apply or during the hiring process, please let us know by completing our Accommodation Request form.}

^{Splunk also has policies in place to protect the personal information candidates disclose to us as part of the application process. Please click here to review Splunk’s Career Site Privacy Policy.

Splunk does not discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Please click here to review Splunk’s Pay Transparency Nondiscrimination Provision.

Splunk is committed to the health and safety of our employees and customers. Splunk is impacted by the mandates outlined for U.S. Government contractors in President Biden’s Path out of the Pandemic: COVID-19 Action Plan. As a result, Splunk requires U.S. employees, whether assigned to an office or 100% remote, to provide proof of full vaccination, as defined by the CDC. Splunk provides reasonable accommodations for employees who have qualifying medical or religious reasons.

Splunk is also committed to providing access to all individuals who are seeking information from our website. Any individual using assistive technology (such as a screen reader, Braille reader, etc.) who experiences difficulty accessing information on any part of Splunk’s website should send comments to accessiblecareers@splunk.com. Please include the nature of the accessibility problem and your e-mail or contact address. If the accessibility problem involves a particular page, the message should include the URL of that page.

Splunk doesn't accept unsolicited agency resumes and won't pay fees to any third-party agency or firm that doesn't have a signed agreement with Splunk.

To check on your application click here.}