Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

Offensive Security Engineer

AT Splunk
Splunk

Offensive Security Engineer

Santa Ana, Costa Rica

About Splunk

Splunk, a Cisco company, is building a safer and more resilient digital world with an end-to-end full stack platform made for a hybrid, multi-cloud world. Leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. Our customers love our technology, but it's our caring employees that make Splunk stand out as an amazing career destination. No matter where in the world or what level of the organization, we approach our work with kindness. So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you. Come help organizations be their best, while you reach new heights with a team that has your back.

Want more jobs like this?

Get jobs in Santa Ana, Costa Rica delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

About The Role

You will be a member of the Offensive Security team, and will be responsible for testing all of Splunk's customer-facing products, and helping mature the offensive security program at Splunk. This role involves crafting attack plans, carrying out pen test engagements for development teams with detailed descriptions of findings including recommendations and reproduction steps. You'll also consult with members of the Product Security team to provide insight into vulnerabilities and appropriate security controls to build as well as secure development practices. As Splunk's business rapidly shifts to cloud-based services, crucial for the role is an understanding of cloud delivery models for building and deploying applications.

Challenges in this role include: understanding the diverse Splunk product portfolio, risk-based prioritization, ensuring penetration testing coverage, remediation guidance, secure design pattern consulting, incident response guidance, and bug bounty decisions.
You will be an ideal candidate if you:
  • Have hands on penetration testing experience and offensive capabilities in two or more core competency areas including web applications, mobile applications, networks, Multi Tier architecture or Distributed Systems
  • Perform comprehensive application penetration tests independently or collaboratively as part of a team.
  • Drive team improvements by contributing to tooling enhancements, innovation, and process optimization.
  • Collaborate effectively with security partners, service owners, and senior leadership to influence and prioritize the resolution of identified security vulnerabilities.
Required Skills:
  • 4-6+ years of demonstrated ability in application level penetration testing
  • Strong understanding of vulnerabilities, common attack vectors and how to resolve them
  • Ability to quickly comprehend and digest application/systems designs
  • Attacker mindset: ability to think creatively about relevant threats and attacks
  • Ability to prioritize a pentest through an attack plan on complex application and systems designs
  • Familiarity with public cloud platforms
  • Effective written and verbal communication
Nice-to-have Qualifications

We've taken special care to separate the must-have qualifications from the nice-to-haves. "Nice-to-have" means just that: Nice. To. Have. So, don't worry if you can't check off every box. We're not hiring a list of bullet points-we're interested in the whole you.
  • Experience with Splunk products
  • Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications
  • Relevant development/scripting/automation experience in C++, Javascript, Python, Go
  • Ability to drive efforts as a SME: thinking in whole systems, working within and between teams to have a positive security impact
Splunk is an Equal Opportunity Employer

At Splunk, we believe creating a culture of belonging isn't just the right thing to do; it's also the smart thing. We prioritize diversity, equity, inclusion, and belonging to ensure our employees are supported to bring their best, most authentic selves to work where they can thrive. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.

Note:

Base Pay Range

Costa Rica

Base Pay: CRC 24,000,000.00 - 33,000,000.00 per year

Splunk provides flexibility and choice in the working arrangement for most roles, including remote and/or in-office roles. We have a market-based pay structure which varies by location. Please note that the base pay range is a guideline and for candidates who receive an offer, the base pay will vary based on factors such as work location as set out above, as well as the knowledge, skills and experience of the candidate. In addition to base pay, this role is eligible for incentive compensation and may be eligible for equity or long-term cash awards.

Benefits are an important part of Splunk's Total Rewards package. This role is eligible for a comprehensive, competitive benefits package which may include healthcare and retirement plans, paid time off, wellbeing expense reimbursement, and much more! Learn more about our next-level benefits at https://splunkbenefits.com.

Client-provided location(s): San José Province, San José, Costa Rica
Job ID: splunk-tCUp5O5e76Q6
Employment Type: Other

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Health Reimbursement Account
    • Dental Insurance
    • Vision Insurance
    • FSA
    • FSA With Employer Contribution
    • HSA
    • Life Insurance
    • Fitness Subsidies
    • On-Site Gym
    • Short-Term Disability
    • Long-Term Disability
    • Mental Health Benefits
    • Virtual Fitness Classes
  • Parental Benefits

    • Birth Parent or Maternity Leave
    • Non-Birth Parent or Paternity Leave
    • Fertility Benefits
    • Adoption Assistance Program
    • Family Support Resources
  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities
    • Hybrid Work Opportunities
    • Work-From-Home Stipend
  • Office Life and Perks

    • Commuter Benefits Program
    • Casual Dress
    • Pet-friendly Office
    • Happy Hours
    • Snacks
    • Some Meals Provided
    • Company Outings
    • Holiday Events
  • Vacation and Time Off

    • Paid Vacation
    • Paid Holidays
    • Personal/Sick Days
    • Leave of Absence
    • Volunteer Time Off
  • Financial and Retirement

    • 401(K) With Company Matching
    • Company Equity
    • Stock Purchase Program
    • Performance Bonus
    • Financial Counseling
  • Professional Development

    • Tuition Reimbursement
    • Leadership Training Program
    • Learning and Development Stipend
    • Promote From Within
    • Mentor Program
    • Shadowing Opportunities
    • Access to Online Courses
    • Lunch and Learns
  • Diversity and Inclusion

    • Diversity, Equity, and Inclusion Program
    • Employee Resource Groups (ERG)