Senior Security Engineer - CO, US - Splunk
Security Engineer – Application Penetration Testing
You will be a part of an exciting new Red Team initiative and will be responsible for penetration testing Splunk’s suite of products (on-prem and cloud). You will be the go-to person for researching new threats, executing creati ve exploits and establishing an internal pen etration t est ing lab. In addition , you will work with external researchers and external penetration test ing vendors to ensure that all publicly known vulnerabilities are appropriately addressed by Splunk .
You will be an ideal candidate if you
- Have significant penetration testing experience and offensive capabilities in numerous core competency areas primarily in applications, but networks, infrastructure (cloud and on-prem ) and mobile.
- Track the latest developments in vulnerability research , and how they may impact Splunk or its customers .
- Have a proven track record in participating in bug bounties .
- Having a few CVEs in your name or public street cred (blogs, research, education) a big plus .
- Have experience using standard tools for penetration testing and have the ability to develop tooling to solve new needs.
- 4-7 Years experience in application, mobile and infrastructure pen etration testing.
- Strong understanding of vulnerabilities, common attack vectors and how to resolve them.
- Attacker mindset abili ty to think about different threats and creative attack vectors.
- Well-rounded background in host, network, mobile and application security .
- Effective written and oral communication
- Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications.
- Experience with Splunk