Splunk, a Cisco company, is building a safer and more resilient digital world with an end-to-end full stack platform made for a hybrid, multi-cloud world. Leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. Our customers love our technology, but it's our caring employees that make Splunk stand out as an amazing career destination. No matter where in the world or what level of the organization, we approach our work with kindness. So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you. Come help organizations be their best, while you reach new heights with a team that has your back.Role:The Cybersecurity Incident Response Analyst works in Splunk's global, shift-based, 24/7 Security Operations Center (SOC) supporting the detection and response to cyber threats. You will have comprehensive applied knowledge of Information Security and Information Technology principles, excellent communication skills, and a desire to continuously learn and grow. We are a passionate team who has fun and enjoys a good laugh, but above all else, thinks security first!Responsibilities:Support the 24x7 SOC operation: respond to security alerts, contain threats, and ensure the safety and security of Splunk's product environmentsAssist in tuning and updating detection logic in collaboration with Detection EngineeringImprove the quality of searches to enrich data through creation of automation and orchestration playbooksParticipate in threat hunting engagements across Splunk environments to surface sophisticated attacks and threatsCollect and represent evidence to support the organization's compliance and control monitoring responsibilitiesAuthor, review, and update existing runbooks to ensure optimal and efficient response actionsPartner with Splunk's Center of Excellence to validate existing data sources and improve data ingestion standards, ensuring data qualityCollaborate with Splunk product teams by sharing observations and helping test security-related featuresWork closely with teammates to share knowledge and contribute to a positive and effective team environmentRequirements: Bachelor's degree in computer science or related field or equivalent relevant experience (2+ years)Familiarity with information security technologies, including firewalls, intrusion detection systems, and endpoint security tools; basic understanding of cloud and container security tools and practices is a plusSolid grasp of TCP/IP protocols, DNS, network analysis, and the OSI frameworkExposure or hands-on experience with cloud platforms and technologiesAbility to manage multiple tasks and stay organized in a fast-paced environmentApproaches problems creatively and follows through on solutionsExcellent interpersonal skills and ability to see situations through a Customer First lens; ability to translate sophisticated technical concepts into clear, accessible languageMeticulous attention to detail; consistently meets high standards of qualitySplunk is an Equal Opportunity EmployerAt Splunk, we believe creating a culture of belonging isn’t just the right thing to do; it’s also the smart thing. We prioritize diversity, equity, inclusion, and belonging to ensure our employees are supported to bring their best, most authentic selves to work where they can thrive. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.

Thank you for your interest in Splunk!