Splunk Phantom is a security orchestration, automation, and response (SOAR) platform from Splunk, whose headquarters are in San Francisco, California. The product enables security operations teams to automate playbooks, orchestrate workflows across s...
People who have worked here often talk about the product passion and talented peers. You will hear engineers mention the satisfaction of automating boring security work, and analysts will tell you they learned a lot about incident response quickly. Some say the pace can be intense during product pushes, but they also highlight camaraderie — folks help one another and celebrate wins. If you are considering working at Splunk Phantom, expect a team that cares about results and learns fast.
The company culture at Splunk Phantom leans technical, pragmatic, and security-focused. There is an emphasis on shipping features that actually help defenders. Teams are driven by measurable outcomes rather than bureaucracy. At the same time, you will find pockets of playfulness: hack days, demo sessions, and spirited Slack chats. Overall, company culture at Splunk Phantom is one where competence is respected and curiosity is rewarded.
Work-life balance at Splunk Phantom varies by role and team, but many employees report a generally reasonable balance. You will find teams that stick to standard hours with occasional sprint crunches. During incident response or major releases, you may need to put in extra time, but routine weeks are usually manageable. Managers are often accommodating when personal needs arise, and flexible schedules are common.
Job security is moderate to strong for employees who consistently deliver high value. The product addresses a persistent market need in security automation, which creates steady demand. There are, however, occasional reorganizations tied to broader company strategy or market shifts. Employees who build cross-functional skills and stay aligned to core product priorities will generally be better insulated from downsizing.
Leadership is experienced in security and enterprise software, and executive focus is typically on product-market fit and customer outcomes. Communication from the top can be clear around big initiatives, but details sometimes trickle down unevenly. Managers are usually technical and results-oriented; strategic direction is present, though execution clarity varies across divisions.
Manager quality is mixed but leans positive. Good managers are supportive, provide clear objectives, and advocate for their teams during resource discussions. Less effective managers may micromanage or struggle to balance competing priorities. If you join, seek a manager who values mentorship and feedback — they tend to make the biggest difference in day-to-day experience.
The company invests in learning through internal training, documentation, and mentorship. Engineers and analysts often attend security conferences and trainings, and there is encouragement to pursue relevant certifications. Knowledge sharing is common via brown-bag talks and code reviews. Formal training budgets exist but may vary by level and location.
Opportunities for promotions are available but depend heavily on team visibility and performance metrics. Promotion cycles follow set review periods, and employees who take on cross-team projects or deliver customer-facing impact tend to move faster. Career ladders are defined, though some employees feel advancement can be slower in larger product teams.
Salary ranges are competitive with the security software market. Typical base ranges in the U.S. are roughly:
There are performance-based bonuses and incentive plans, particularly for sales roles. Engineering and product staff may receive annual performance bonuses and equity grants tied to company milestones. Bonus structures are formalized and tied to performance reviews; top performers will see meaningful upside beyond base salary.
Full-time employees generally receive comprehensive benefits: medical, dental, and vision coverage, plus life insurance and disability options. Retirement plans such as 401(k) with matching are commonly offered in relevant regions. Parental leave and mental health resources are part of the benefits mix. Exact plans and employer contributions vary by country and tenure.
Engagement activities include quarterly town halls, hackathons, team offsites, and regular all-hands meetings. Social events range from informal team lunches to larger product demos and celebration gatherings. Remote-friendly virtual events help distributed teams stay connected. Engagement is genuine and oriented toward both learning and team bonding.
Remote work support is solid. The company supports hybrid and fully remote roles depending on the position, with the necessary collaboration tools and documented processes. Remote employees report access to equipment stipends, cloud-based development environments, and a culture that accepts asynchronous work. Onboarding remote hires is generally well-structured.
Typical working hours are around 40 per week, with spikes up to 45–55 during critical releases or incidents. Flexible scheduling is common, and many teams trust employees to manage their calendars. Night or weekend work is occasional and usually linked to time-zone coordination or urgent production issues.
Attrition is moderate and fluctuates with product cycles and broader market conditions. There have been isolated reorganizations rather than frequent mass layoffs. Turnover tends to be higher in highly competitive markets like sales and certain engineering hubs, while core product teams show better retention. Transparency during transitions has improved over time.
Overall, this is a good place for professionals who want to work on impactful security automation and who value technical excellence. Compensation and benefits are competitive, and the company offers meaningful learning and career growth for those who take ownership. There are occasional communication gaps and the pace can be demanding at times, but strong managers and a collaborative culture make it a worthwhile workplace for many. Overall company rating: 4 out of 5.
Read authentic experiences from current and former employees at Splunk Phantom
Great product that customers love and a lot of smart, energetic coworkers. Onboarding and initial training were solid, and there are good resources for learning the platform.
High quota pressure and long hours during quarter end. After Splunk's acquisition there were more managerial changes which made career progression unclear for my role.
Supportive engineering team, strong focus on automation, access to modern tooling and meaningful mentorship. Flexible hours and the hybrid setup work well for my life.
Compensation is fair but not outstanding compared to similar Bay Area roles. Product roadmap can be slow at times and there's occasional org churn after acquisitions.
