Cybersecurity Incident Response Analyst Arizona

Position:
Cybersecurity Incident Response Analyst at Splunk, Arizona.

The Cybersecurity Incident Response Analyst works in Splunk's global, shift-based, 24/7 Security Operations Center (SOC) supporting the detection and response to cyber threats. You will have comprehensive applied knowledge of information security and information technology principles, excellent communication skills, and a desire to continuously learn and grow. The team values fun, laughter, and a security-first mindset.

• Support the 24x7 SOC operation: respond to security alerts, contain threats, and ensure the safety and security of Splunk's product environments
• Contribute to the development and improvement of detection logic in collaboration with our Detection Engineering function
• Improve the quality of searches to enrich data through creation of automation and orchestration playbooks
• Perform reactive and novel threat hunting engagements across Splunk environments to surface sophisticated attacks and threats
• Collect and represent evidence to support the organization's compliance and control monitoring responsibilities
• Author, review, and update existing runbooks to ensure optimal and efficient response actions
• Partner with Splunk's Center of Excellence to validate existing data sources and improve data ingestion standards, ensuring data quality
• Collaborate with product development teams to support testing, feedback, and idea generation for Splunk products
• Serve as a trusted resource to fellow analysts, providing guidance, mentorship, and support in day-to-day operations and projects to elevate overall team performance

• 5+ years of related experience; or a Master's degree with 3 years of related experience
• Bachelor's degree in computer science or a related field, or equivalent relevant experience
• Robust experience with information security technologies, including firewalls, intrusion detection systems, and endpoint security tools; solid understanding of cloud and container security tools and practices is a plus
• Solid grasp of TCP/IP protocols, DNS, network analysis, and the OSI framework
• Experience with cloud platforms and technologies
• Ability to multitask, prioritize, and lead response operations and team initiatives
• Ability to think outside the box for creative solutions to problems with the moxie to follow-through
• Excellent interpersonal skills and ability to see situations through a Customer First lens; ability to translate sophisticated technical concepts into clear, accessible language
• Meticulous attention to detail; consistently meets high standards of quality

Splunk is an Equal Opportunity Employer. We prioritize diversity, equity, inclusion, and belonging. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender identity, gender expression, sexual orientation, marital status, age, disability, medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.

Benefits are an important part of Splunk's Total Rewards package. This role is eligible for a competitive benefits package that includes medical, dental, vision, a 401(k) plan and match, paid time off, and more.