Senior Advanced Response Analyst - Splunk Global Security (US Remote Available)
Splunk
- Texas, Colorado
- Permanent
- Full-time
- Build strong relationships with business owners and service providers from across Splunk
- Lead the response to sophisticated cyber security incidents across multiple teams, spanning all Splunk environments
- Lead analysts during technical investigations to reconstruct the chain of events that resulted in a cyber security incident and conduct analysis when needed
- Champion opportunities to improve Splunk's cyber security posture through threat hunt, detection, architecture, communications, and risk management work streams
- Tell the story of cyber security incidents via detailed reports and presentations to key business level partners
- 8+ years of professional IT or IT Security experience
- 2 years or more of experience leading the response to cyber security incidents
- Experience administering, defending, or analyzing macOS or Linux
- Technical expertise and depth in two or more of the following areas: digital forensics, detection creation, threat hunting, cloud administration, programming/automation
- Experience with SIEM log analysis from a diverse set of network, host, and identity data sources
- Experience responding to multiple incidents at the same time or large scale incidents
- Comfort mentoring junior analysts
- Experience documenting and automating repetitive tasks and playbooks, ideally in Python
- Experience with process development and creation
- Ability to apply the MITRE ATT&CK and Kill Chain frameworks to security operations
- Ability to multitask, prioritize, and take charge during stressful situations
- Ability to effectively communicate highly technical information to non-technical partners
- Great interpersonal skills and ability to see things through the customer's eyes
- Participation in ART's on-call rotation to respond to off-hours/weekend incidents
- Eligibility to work in Czechia without company sponsorship