Staff Security Engineer - Splunk

POS-11297

Job Overview: We are looking for an experienced Staff Security Engineer with a specialization in Splunk and a deep knowledge of data lake environments such as Snowflake to enhance our security monitoring and detection capabilities. In this role you will lead the design and optimization of our Splunk infrastructure integrating it with data lakes to broaden our threat detection and incident response capabilities. As a Staff-level Security Engineer you will serve as a technical leader driving Splunk and data lake-related initiatives and mentoring team members.

Key Responsibilities:

• Splunk Architecture & Data Lake Integration: Design and implement a scalable optimized Splunk architecture integrated with Snowflake and other data lakes to enable comprehensive security data analysis.

• Strategic Content Development: Build high-value dashboards alerts reports and visualizations within Splunk and across integrated data lakes to provide actionable insights to security teams and stakeholders.

• Data Lake Management & Optimization: Oversee the integration and maintenance of security data pipelines between Splunk and data lakes like Snowflake. Ensure data accuracy accessibility and optimized storage across these platforms.

• Automation & SOAR Integration: Develop automation solutions within Splunk and data lakes to streamline threat detection response workflows and data management. Leverage Splunk SOAR or similar solutions to enhance orchestration.

• Cross-Functional Collaboration: Collaborate closely with Security IT and Engineering teams to align on data ingestion standards security requirements and cross-platform use cases.

• Compliance & Documentation: Ensure all Splunk and data lake processes meet compliance requirements (e.g. SOC 2 ISO 27001) and maintain documentation of security processes configurations and incident investigations.

Qualifications:

• Experience: 8+ years in cybersecurity with at least 5 years focused on security monitoring threat detection or incident response; 3+ years of advanced hands-on experience in Splunk and data lake technologies (Snowflake or similar).

• Education: Bachelor’s degree in Computer Science Information Security Data Science or related field (or equivalent experience); Master’s degree preferred.

• Certifications: Relevant certifications such as Splunk Certified Architect Splunk Enterprise Security Certified Admin Snowflake certifications CISSP GCIH or other advanced security certifications are highly desirable.

• Technical Skills:

  • Expertise in Splunk Enterprise Splunk Enterprise Security (ES) and Splunk SOAR.

  • Deep knowledge of data lake architectures (Snowflake AWS S3 Google BigQuery) and experience integrating these with Splunk.

  • Advanced skills in log management SPL (Search Processing Language) and SQL for data query and transformation.

  • Proficiency in scripting languages (Python PowerShell or Bash) for automation across Splunk and data lakes.

  • Familiarity with security frameworks (MITRE ATT&CK NIST CIS) and threat detection methodologies.

  • Advanced experience in incident response and forensic investigation.

• Soft Skills:

  • Strong analytical and problem-solving abilities with attention to detail.

  • Excellent communication skills to explain technical concepts to a wide audience.

  • Ability to work collaboratively in a fast-paced evolving environment.

Cash compensation range: 136500-191100 USD Annually This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy . The cash compensation above includes base salary on-target commission for employees in eligible roles and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are based on a few different factors unique to each candidate including their skills experience qualifications and other job-related reasons. We know that benefits are also an important piece of your total compensation package. To learn more about what’s included in total compensation check out some of the benefits and perks HubSpot offers to help employees grow better. At HubSpot fair compensation practices isn’t just about checking off the box for legal compliance. It’s about living out our value of transparency with our employees candidates and community.

Job Overview: We are looking for an experienced Staff Security Engineer with a specialization in Splunk and a deep knowledge of data lake environments such as Snowflake to enhance our security monitoring and detection capabilities. In this role you will lead the design and optimization of our Splunk infrastructure integrating it with data lakes to broaden our threat detection and incident response capabilities. As a Staff-level Security Engineer you will serve as a technical leader driving Splunk and data lake-related initiatives and mentoring team members.

Key Responsibilities:

• Splunk Architecture & Data Lake Integration: Design and implement a scalable optimized Splunk architecture integrated with Snowflake and other data lakes to enable comprehensive security data analysis.

• Strategic Content Development: Build high-value dashboards alerts reports and visualizations within Splunk and across integrated data lakes to provide actionable insights to security teams and stakeholders.

• Data Lake Management & Optimization: Oversee the integration and maintenance of security data pipelines between Splunk and data lakes like Snowflake. Ensure data accuracy accessibility and optimized storage across these platforms.

• Automation & SOAR Integration: Develop automation solutions within Splunk and data lakes to streamline threat detection response workflows and data management. Leverage Splunk SOAR or similar solutions to enhance orchestration.

• Cross-Functional Collaboration: Collaborate closely with Security IT and Engineering teams to align on data ingestion standards security requirements and cross-platform use cases.

• Compliance & Documentation: Ensure all Splunk and data lake processes meet compliance requirements (e.g. SOC 2 ISO 27001) and maintain documentation of security processes configurations and incident investigations.

Qualifications:

• Experience: 8+ years in cybersecurity with at least 5 years focused on security monitoring threat detection or incident response; 3+ years of advanced hands-on experience in Splunk and data lake technologies (Snowflake or similar).

• Education: Bachelor’s degree in Computer Science Information Security Data Science or related field (or equivalent experience); Master’s degree preferred.

• Certifications: Relevant certifications such as Splunk Certified Architect Splunk Enterprise Security Certified Admin Snowflake certifications CISSP GCIH or other advanced security certifications are highly desirable.

• Technical Skills:

  • Expertise in Splunk Enterprise Splunk Enterprise Security (ES) and Splunk SOAR.

  • Deep knowledge of data lake architectures (Snowflake AWS S3 Google BigQuery) and experience integrating these with Splunk.

  • Advanced skills in log management SPL (Search Processing Language) and SQL for data query and transformation.

  • Proficiency in scripting languages (Python PowerShell or Bash) for automation across Splunk and data lakes.

  • Familiarity with security frameworks (MITRE ATT&CK NIST CIS) and threat detection methodologies.

  • Advanced experience in incident response and forensic investigation.

• Soft Skills:

  • Strong analytical and problem-solving abilities with attention to detail.

  • Excellent communication skills to explain technical concepts to a wide audience.

  • Ability to work collaboratively in a fast-paced evolving environment.

Cash compensation range: 136500-191100 USD Annually This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy . The cash compensation above includes base salary on-target commission for employees in eligible roles and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are based on a few different factors unique to each candidate including their skills experience qualifications and other job-related reasons. We know that benefits are also an important piece of your total compensation package. To learn more about what’s included in total compensation check out some of the benefits and perks HubSpot offers to help employees grow better. At HubSpot fair compensation practices isn’t just about checking off the box for legal compliance. It’s about living out our value of transparency with our employees candidates and community.