Staff Security Engineer, Splunk

POS-11297

Job Overview: We are looking for an experienced Staff Security Engineer with a specialization in Splunk and a deep knowledge of data lake environments, such as Snowflake, to enhance our security monitoring and detection capabilities. In this role, you will lead the design and optimization of our Splunk infrastructure, integrating it with data lakes to broaden our threat detection and incident response capabilities. As a Staff-level Security Engineer, you will serve as a technical leader, driving Splunk and data lake-related initiatives and mentoring team members.

Key Responsibilities:

• Splunk Architecture & Data Lake Integration: Design and implement a scalable, optimized Splunk architecture integrated with Snowflake and other data lakes to enable comprehensive security data analysis.
• Strategic Content Development: Build high-value dashboards, alerts, reports, and visualizations within Splunk and across integrated data lakes to provide actionable insights to security teams and stakeholders.
• Data Lake Management & Optimization: Oversee the integration and maintenance of security data pipelines between Splunk and data lakes like Snowflake. Ensure data accuracy, accessibility, and optimized storage across these platforms.
• Automation & SOAR Integration: Develop automation solutions within Splunk and data lakes to streamline threat detection, response workflows, and data management. Leverage Splunk SOAR or similar solutions to enhance orchestration.
• Cross-Functional Collaboration: Collaborate closely with Security, IT, and Engineering teams to align on data ingestion standards, security requirements, and cross-platform use cases.
• Compliance & Documentation: Ensure all Splunk and data lake processes meet compliance requirements (e.g., SOC 2, ISO 27001) and maintain documentation of security processes, configurations, and incident investigations.

Qualifications:

• Experience: 8+ years in cybersecurity, with at least 5 years focused on security monitoring, threat detection, or incident response; 3+ years of advanced hands-on experience in Splunk and data lake technologies (Snowflake or similar).
• Education: Bachelor’s degree in Computer Science, Information Security, Data Science, or related field (or equivalent experience); Master’s degree preferred.
• Certifications: Relevant certifications, such as Splunk Certified Architect, Splunk Enterprise Security Certified Admin, Snowflake certifications, CISSP, GCIH, or other advanced security certifications are highly desirable.

• Technical Skills:

  • Expertise in Splunk Enterprise, Splunk Enterprise Security (ES), and Splunk SOAR.
  • Deep knowledge of data lake architectures (Snowflake, AWS S3, Google BigQuery) and experience integrating these with Splunk.
  • Advanced skills in log management, SPL (Search Processing Language), and SQL for data query and transformation.
  • Proficiency in scripting languages (Python, PowerShell, or Bash) for automation across Splunk and data lakes.
  • Familiarity with security frameworks (MITRE ATT&CK, NIST, CIS) and threat detection methodologies.
  • Advanced experience in incident response and forensic investigation.

• Soft Skills:

  • Strong analytical and problem-solving abilities with attention to detail.
  • Excellent communication skills to explain technical concepts to a wide audience.
  • Ability to work collaboratively in a fast-paced, evolving environment.

Cash compensation range: 136500-191100 USD Annually

This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy.

The cash compensation above includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation, some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are based on a few different factors unique to each candidate, including their skills, experience, qualifications and other job-related reasons.

We know that benefits are also an important piece of your total compensation package. To learn more about what’s included in total compensation, check out some of the benefits and perks HubSpot offers to help employees grow better.

At HubSpot, fair compensation practices isn’t just about checking off the box for legal compliance. It’s about living out our value of transparency with our employees, candidates, and community.

Job Overview: We are looking for an experienced Staff Security Engineer with a specialization in Splunk and a deep knowledge of data lake environments, such as Snowflake, to enhance our security monitoring and detection capabilities. In this role, you will lead the design and optimization of our Splunk infrastructure, integrating it with data lakes to broaden our threat detection and incident response capabilities. As a Staff-level Security Engineer, you will serve as a technical leader, driving Splunk and data lake-related initiatives and mentoring team members.

Key Responsibilities:

• Splunk Architecture & Data Lake Integration: Design and implement a scalable, optimized Splunk architecture integrated with Snowflake and other data lakes to enable comprehensive security data analysis.
• Strategic Content Development: Build high-value dashboards, alerts, reports, and visualizations within Splunk and across integrated data lakes to provide actionable insights to security teams and stakeholders.
• Data Lake Management & Optimization: Oversee the integration and maintenance of security data pipelines between Splunk and data lakes like Snowflake. Ensure data accuracy, accessibility, and optimized storage across these platforms.
• Automation & SOAR Integration: Develop automation solutions within Splunk and data lakes to streamline threat detection, response workflows, and data management. Leverage Splunk SOAR or similar solutions to enhance orchestration.
• Cross-Functional Collaboration: Collaborate closely with Security, IT, and Engineering teams to align on data ingestion standards, security requirements, and cross-platform use cases.
• Compliance & Documentation: Ensure all Splunk and data lake processes meet compliance requirements (e.g., SOC 2, ISO 27001) and maintain documentation of security processes, configurations, and incident investigations.

Qualifications:

• Experience: 8+ years in cybersecurity, with at least 5 years focused on security monitoring, threat detection, or incident response; 3+ years of advanced hands-on experience in Splunk and data lake technologies (Snowflake or similar).
• Education: Bachelor’s degree in Computer Science, Information Security, Data Science, or related field (or equivalent experience); Master’s degree preferred.
• Certifications: Relevant certifications, such as Splunk Certified Architect, Splunk Enterprise Security Certified Admin, Snowflake certifications, CISSP, GCIH, or other advanced security certifications are highly desirable.

• Technical Skills:

  • Expertise in Splunk Enterprise, Splunk Enterprise Security (ES), and Splunk SOAR.
  • Deep knowledge of data lake architectures (Snowflake, AWS S3, Google BigQuery) and experience integrating these with Splunk.
  • Advanced skills in log management, SPL (Search Processing Language), and SQL for data query and transformation.
  • Proficiency in scripting languages (Python, PowerShell, or Bash) for automation across Splunk and data lakes.
  • Familiarity with security frameworks (MITRE ATT&CK, NIST, CIS) and threat detection methodologies.
  • Advanced experience in incident response and forensic investigation.

• Soft Skills:

  • Strong analytical and problem-solving abilities with attention to detail.
  • Excellent communication skills to explain technical concepts to a wide audience.
  • Ability to work collaboratively in a fast-paced, evolving environment.

Cash compensation range: 136500-191100 USD Annually

This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy.

The cash compensation above includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation, some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are based on a few different factors unique to each candidate, including their skills, experience, qualifications and other job-related reasons.

We know that benefits are also an important piece of your total compensation package. To learn more about what’s included in total compensation, check out some of the benefits and perks HubSpot offers to help employees grow better.

At HubSpot, fair compensation practices isn’t just about checking off the box for legal compliance. It’s about living out our value of transparency with our employees, candidates, and community.

We know the confidence gap* and* imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.

**If you need accommodations or assistance due to a disability, please reach out to us using this form.* This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.*

*At HubSpot, we value both flexibility and connection. Whether you’re a Remote employee, or work from the Office, we want you to start your journey here by building strong connections with your team and peers. *

If you are joining our Engineering team in a full-time role, you will be required to attend a regional HubSpot office for in-person onboarding. If you join our broader Product team, you’ll also attend other in-person events such as HubSpot’s annual PEER week, your Product Group Summit, and other in-person gatherings to continue building on those connections.

If you require an accommodation due to travel limitations or other reasons, please inform your recruiter during the hiring process. We are committed to supporting candidates who may need alternative arrangements.

**Germany Applicants:* (m/f/d) - link to HubSpot's Career Diversity page here.*

**India* Applicants: link to HubSpot India's equal opportunity policy here.*

About HubSpot

HubSpot (NYSE: HUBS) is a leading customer relationship management (CRM) platform that provides software and support to help businesses grow better. We build marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth. We’re also building a company culture that empowers people to do their best work. If that sounds like something you’d like to be part of, we’d love to hear from you.

You can find out more about our company culture in the HubSpot Culture Code, which has more than 5M views, and learn about our commitment to creating a diverse and inclusive workplace, too. Thanks to the work of every employee globally, HubSpot was named the #2 Best Place to Work on Glassdoor in 2022 and has been recognized for its award-winning culture by Great Place to Work, Comparably, Fortune, Entrepreneur, Inc., and more.

Headquartered in Cambridge, Massachusetts, HubSpot was founded in 2006. Today, thousands of employees across the globe work remotely and in HubSpot offices. Visit our careers website to learn more about the culture and opportunities at HubSpot.

By submitting your application, you agree that HubSpot may collect your personal data for recruiting, global organization planning, and related purposes. HubSpot's *Privacy Notice** explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over HubSpot’s use of your personal information.*