Solution Architect (Security) - Splunk - Remote

Job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.

A Splunk Security Solution Architect is responsible for assisting customers with implementing their Security Operations Management strategy, processes, and solutions using Splunk security products. Previous job titles and responsibilities may include Security Architect, Enterprise Architect, Splunk Enterprise Security Architect, or Security Operations Analyst.

The Splunk Security Solution Architect primarily works with the customer's Security Operations (SecOps) team or, in organizations where security is a core competency, the Security Operations Director. Security Solution Architects in large organizations often act as a bridge between Enterprise Architects, Application Architects, Security Operations Management, and various business segments.

This role requires a highly seasoned IT security professional who has successfully led projects in security operations, security software development, or security service management, particularly where business owners significantly impact IT and security success-ideally in various roles. The Security Solution Architect must be able to clearly communicate ideas both orally and in writing to executive staff, business sponsors, and technical resources in concise language appropriate to each group.

This role can be performed anywhere in the United States.

Requirements:

* 7+ years in Information Technology, focusing on security operations, applications test and deployment, or IT service management (process design/management)

Key Responsibilities:

* Define and document Security Operations Management processes, best practices, standards, frameworks, and implementation strategy.

* Translate business security goals and objectives into IT security strategy and roadmap.

* Communicate the business case for Security Operations Management initiatives to executive and business sponsors.

* Analyze the current state of security processes and prioritize automation and monitoring projects based on business value.

* Formulate and communicate best practices for using Splunk's security tools, including Splunk Enterprise Security (ES).

* Maintain, improve, and implement a Security Operations Management strategy with the customer's security organization, including clear value metrics.

* Collaborate with project teams to strategize and align long-term solutions for Security Operations Management, including roadmap, tools, frameworks, and approaches that align with business goals and key initiatives.

* Create documentation and communicate security automation processes to project teams and testers.

* Provide leadership, guidance, training, and mentoring to project teams and Security Operations Management engineers for implementing security processes and best practices

Desired Experience:

* Security Operations Management knowledge, including familiarity with technologies such as security information and event management (SIEM), threat intelligence, incident response, compliance management, orchestration tools, and scripting toolkits.

* Experience collaborating with product development teams to ensure future versions of Splunk security products meet strategic security automation objectives.

* Research, test, and recommend new or complementary security technologies from various vendors that can contribute to Security Operations Management initiatives.

* Establishment of 'best practice' frameworks to automate security monitoring, threat detection, response, and compliance activities.

* Experience and comfort with complex, heterogeneous IT infrastructure, including existing security platforms, operating systems, middleware, and applications.

* Familiarity with how Security Operations Management supports application development, IT operations, and security service management.

* Strong understanding of compliance/regulatory issues, data privacy, and broad application security principles.

Consultant Transition to Security Solution Architect:
The role and strengths required for a Security Solution Architect may differ. The key is to identify a Security Solution Architect who is strategic-minded, business-aware, and technically proficient. Other considerations include:

* Experience working with customer senior management in planning Security Operations Management processes to define, monitor, measure, and improve business and technical services.

* Experience working with customer technical teams in deploying security infrastructure monitoring, including expertise in SPL search, scripting, security application development, testing, and deployment methods.

* Experience working with customer business units to assist in the development of a sustainable security strategy driven by business goals and objectives.

Consultants from diverse backgrounds can fulfill the role of Security Solution Architect, but they will need to broaden their skills to meet these requirements. Only the most competent Security Solution Architects with the broadest understanding will deliver successful Security Operations Management and Monitoring deployment strategies that address process, people, and technology-from application development to business service management.

Basic Qualifications:

* Expert in the adoption and use of leading Security Operations Management methods and tools

* 5+ years of experience in design and development of Security Operations Management frameworks and strategies

* Expert knowledge in one or more scripting and/or programming languages is a plus

* Responds appropriately and competently to the demands of work challenges when confronted with changes, ambiguity, adversity, and other pressures

* Excellent analytical and problem-solving skills

* Excellent presentation skills

* Effective written and verbal communication skills

* Good team and interpersonal skills

* Ability to travel

At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.

Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere.

We are Cisco, and our power starts with you.

Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees are offered benefits, subject to Cisco's plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time.

U.S. employees are eligible for paid time away as described below, subject to Cisco's policies:

• 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees

• 1 paid day off for employee's birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco

• Non-exempt employees** receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees

• Exempt employees participate in Cisco's flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations)

• 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours ofunused sick timecarried forwardfrom one calendar yearto the next

• Additional paid time away may be requested to deal with critical or emergency issues for family members

• Optional 10 paid days per full calendar year to volunteer

For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco's policies.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows:

• .75% of incentive target for each 1% of revenue attainment up to 50% of quota;

• 1.5% of incentive target for each 1% of attainment between 50% and 75%;

• 1% of incentive target for each 1% of attainment between 75% and 100%; and

• Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.

The applicable full salary ranges for this position, by specific state, are listed below:

New York City Metro Area:

Non-Metro New York state & Washington state:

* For quota-based sales roles on Cisco's sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined.

** Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements.