Senior Advanced Response Analyst
Updated on 9/26/2023
Splunk

5,001-10,000 employees

Data management & visualization platform
Company Overview
Splunk's mission is to address the challenges and opportunities of managing massive streams of machine-generated big data. Splunk is the leading software platform for machine data that enables customers to gain real-time Operational Intelligence.
Locations
Remote
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Linux/Unix
Python
Communications
Categories
IT & Security
Requirements
  • 5+ years professional IT or IT Security experience
  • 2 years or more of experience leading the response to cyber security incidents
  • Experience administering, defending, or analyzing macOS or Linux
  • Technical expertise and depth in two or more of the following areas: digital forensics, detection creation, threat hunting, cloud administration, programming/automation
  • Experience with SIEM log analysis from a diverse set of network, host, and identity data sources
  • Experience responding to multiple incidents at the same time or to large-scale incidents
  • Comfort mentoring junior analysts
  • Experience documenting and automating repetitive tasks and playbooks, ideally in Python
  • Experience with process development and creation
  • Ability to apply the MITRE ATT&CK and Cyber Kill Chain frameworks to security operations
  • Ability to multitask, prioritize, and take charge during stressful situations
  • Ability to effectively communicate highly technical information to non-technical partners
  • Great interpersonal skills and ability to see things through the customer's eyes
  • Participation in ART's on-call rotation to respond to off-hours/weekend incidents
Responsibilities
  • Build strong relationships with business owners and service providers from across Splunk
  • Lead the response to sophisticated cyber security incidents across multiple teams, spanning all Splunk environments
  • Lead analysts during technical investigations to reconstruct the chain of events that resulted in a cyber security incident and conduct analysis when needed
  • Champion opportunities to improve Splunk's cyber security posture through threat hunting, detection, architecture, communications, and risk management work streams
  • Tell the story of cyber security incidents via detailed reports and presentations to key business level partners