Offensive Security Engineer, App Sec Pen Tester
hace 4 semanas
Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best place to work. If you become a Splunker, we want your whole, authentic self, what we call your "million data points". So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you.
Role Summary
As a member of the Application Security team, you will be responsible for testing all of Splunk's customer-facing products, and helping mature the offensive security program at Splunk. This role involves evaluating remediation for discovered vulnerabilities, carrying out application security engagements, authoring reports for development teams with detailed descriptions of findings and recommendations and working with development teams on Security Advisories. You'll also collaborate with members of the Application Security Architecture and Secure Software Development teams to provide insight into vulnerabilities and appropriate security controls to build as well as secure development practices. As Splunk's business rapidly shifts to cloud-based services, it is important to have an understanding of cloud delivery models for building and deploying applications.
Challenges in this role include: understanding the diverse Splunk product portfolio, risk-based prioritization, remediation guidance, secure design pattern consulting, incident response guidance, and bug bounty decisions.
What you'll get to do
- Have hands on application security experience and knowledge of offensive capabilities in numerous areas including web applications, mobile applications, networks, Multi Tier architecture or Distributed Systems
- Have a mature understanding of coverage and risk as a outcome of application security as it relates to product security posture and business needs
- Track and research the latest developments in application security research
- Have the ability to develop or adapt custom tooling to solve new needs
- Ability to guide and provide feedback to coworkers
- Ability to be accountable for internal programs related to the work area
- Establish relationships with engineering teams to drive Splunk products to a mature security state
- Have experience with security advisories
Must-have Qualifications
- Minimum 2+ years of demonstrated ability in application level penetration testing
- Strong understanding of vulnerabilities, common attack vectors and how to resolve them
- Ability to quickly comprehend and digest application/systems designs
- Attacker mindset: ability to think creatively about relevant threats and attacks
- Well-rounded background in application, network, and system security
- Familiarity with public cloud platforms (preferably AWS and GCP)
- Effective written and oral communication
Nice-to-have Qualifications
We've taken special care to separate the must-have qualifications from the nice-to-haves. "Nice-to-have" means just that: Nice. To. Have. So, don't worry if you can't check off every box. We're not hiring a list of bullet points–we're interested in the whole you.
- Experience with Splunk products
- Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications
- Relevant development/scripting/automation experience in C++, Javascript, Python, Go
- Ability to drive efforts as a SME: thinking in whole systems, working within and between teams to have a positive security impact
Splunk is an Equal Opportunity Employer
At Splunk, we believe creating a culture of belonging isn't just the right thing to do; it's also the smart thing. We prioritize diversity, equity, inclusion, and belonging to ensure our employees are supported to bring their best, most authentic selves to work where they can thrive. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.
-
Offensive Security Engineer, Red Team Pen Tester
hace 2 semanas
San José, San José, Costa Rica Splunk Inc A tiempo completoSplunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best...
-
Offensive Security Engineer, Red Team Pen Tester
hace 2 semanas
San José, San José, Costa Rica Splunk A tiempo completoSplunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best...
-
Penetration Tester
hace 2 semanas
San José, San José, Costa Rica Splunk A tiempo completoAbout Splunk:Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. Splunk is a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we're committed to our work, customers, having fun and most meaningfully, to each...
-
Security Webapp Pen Tester
hace 2 semanas
San José, San José, Costa Rica DXC Technology A tiempo completoThe Penetration Tester will bring the following skills:Understanding of current security vulnerabilities and trends Able to effectively communicate vulnerability findings and remediation strategies to stakeholders Ability to work with minimum supervision and effectively operate in a dynamic global organization Prior experience with security operational...
-
Offensive Security Engineer
hace 2 semanas
San José, San José, Costa Rica Splunk Inc A tiempo completoSplunk - Application Security Team At Splunk, we are dedicated to creating a safer and more resilient digital environment. Major companies around the world rely on our comprehensive security and observability platform to ensure the safety and reliability of their digital infrastructure. While our technology is highly regarded by our clients, it is our...
-
Offensive Security Engineer
hace 2 semanas
San José, San José, Costa Rica Splunk A tiempo completoSplunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best...
-
Application Security Engineer
hace 2 semanas
San José, San José, Costa Rica VS-Staffing A tiempo completoApplication Security Engineer - Remote Costa RicaLocation: Costa RicaRole:We are looking for an experienced Application Security Engineer to join us As an Application Security Engineer, you will work as a part of our security engineering team, and you will collaborate with other IT professionals to ensure that user data is protected.What we are looking for:...
-
Security Engineer
hace 2 semanas
San José, San José, Costa Rica Fragomen A tiempo completoJob DescriptionAbout the Role: Fragomen, a top-tier legal firm and leading global immigration services provider, is looking for a skilled Security Engineer specializing in Application Security & DevSecOps to join their talented Cyber Security team. This senior-level role is located at Fragomen's Immigration Technology Innovation Lab, where cutting-edge...
-
Mac Security Engineer
hace 2 semanas
San José, San José, Costa Rica CRG Solutions A tiempo completoWe are seeking a skilled and knowledgeable Mac Security Engineer to join our dynamic team. As a Mac Security Engineer, you will play a critical role in ensuring the security and integrity of our macOS-based systems and infrastructure. Your expertise in Mac system and security architecture will be instrumental in monitoring, detecting, and responding to...
-
Security Engineer
hace 2 semanas
San José, San José, Costa Rica Fragomen A tiempo completoJob DescriptionA professional, who is passionate about security, capable of effecting change, and ready to take on new challenges, is what we seek. You will be joining a small team of Security Engineers who help make security a distinguishing factor in our immigration software and service offerings. An individual in this role would work closely with...
-
Network Security Engineer
hace 2 semanas
San José, San José, Costa Rica VS-Staffing A tiempo completoNetwork Security EngineerJob Description:Title:Network Security EngineerLocation:Remote, based in Costa RicaJob Overview:Faced with an ever-increasing cyber-security threat, organizations need to maintain a vigilant approach to protect their systems and data, and Security Engineers play a key role in this process. You will be responsible for several...
-
Security Tools Engineer
hace 2 semanas
San José, San José, Costa Rica Zuora A tiempo completoOver the past 15 years, we have seen a shift in the focus of business models across every industry - from selling physical products via one-time transactions to monetizing services via ongoing customer (aka subscriber) relationships.This is the "Subscription Economy" a phrase coined by our CEO, Tien Tzuo, he even wrote the book on it: _Subscribed_.Companies...
-
Itsm Engineer, Security
hace 2 semanas
San José, San José, Costa Rica Splunk A tiempo completoJoin us as we pursue our exciting new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we're committed to our work, customers, having fun and most importantly to each other's success. Learn...
-
Security Automation Engineer
hace 2 semanas
San José, San José, Costa Rica Splunk OLD (Read Only) A tiempo completoJoin us as we pursue our exciting new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we're committed to our work, customers, having fun and most importantly to each other's success. Learn...
-
Senior Security Operations Analyst
hace 2 semanas
San José, San José, Costa Rica CloudPay A tiempo completoAs a security analyst you will form part of a team which is led by a security operations lead you will be the first point of defence for the company's security operations Centre as a fast growing company we face growing threats every day the role of the analyst will be important as they will be the first in dealing with incoming security alerts of...
-
Endpoint Security Engineer Remote Latam
hace 2 semanas
San José, San José, Costa Rica VS-Staffing A tiempo completoEndpoint Security EngineerJob Description:Title:Endpoint Security EngineerLocation:RemoteJob Overview:We are seeking a skilled Endpoint Security Engineer with a strong focus on security, compliance, and mobile device management. As part of our IT team, you will manage, optimize, and secure our endpoint and mobile devices. Your expertise in configuring,...
-
Mocrosoft Intune Engineer
hace 2 semanas
San José, San José, Costa Rica Doit Security A tiempo completoCompany DescriptionEvery industry and market segment are moving toward using the cloud and becoming more digital. Doit Security supports cloud security companies that have been shaping the emerging SASE category. We provide enterprise-level services to customers all around the world. Along with protecting against destructive attacks and data exfiltration, it...
-
Detection Engineer, Global Security Operations
hace 2 semanas
San José, San José, Costa Rica Splunk A tiempo completoJoin us as we pursue our innovative new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we're committed to our work, customers, having fun and most importantly to each other's success. Learn...
-
Electronic Security Project Development Engineer
hace 2 semanas
San José, San José, Costa Rica Johnson Controls A tiempo completoElectronic Security Project Engineer JrGoalSupport the Sales & Engineering teams on pre-sales and post-sales multi-faceted projects with technical activities such as takeoff, drawings, bill of materials and design.Essentials Functions Support on Request for Proposals working on takeoffs, bill of material creation, pricing, etc. Create predesign drawings...
-
Security Operations Engineer
hace 2 semanas
San José, San José, Costa Rica Splunk A tiempo completoSecurity Sustainability is responsible for maintaining the overall security posture and the improvement of security services operating in both our IT and cloud environments. We are security and software engineers who engage with product and infrastructure teams at every level, helping address a litany of security challenges. Our goal is to make the Splunk...
