Senior Cyber Security Engineer - Splunk (TS/SCI with CI)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Senior Cyber Security Engineer (Splunk) to support mission-critical cybersecurity operations through administration and engineering of a large enterprise Splunk environment. The ideal candidate brings strong hands-on Splunk experience and works effectively with engineers and cyber analysts across a dynamic enterprise environment. The Sr. Cyber Security Engineer (Splunk) role contributes directly to cyber defense initiatives by maintaining, tuning and securing Splunk systems while supporting integrations and enterprise data collection. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Manage day-to-day operations of large enterprise Splunk deployments.
• Troubleshoot data collection issues and resolve system conditions impacting stability or integrity.
• Deploy and maintain supported and unsupported Splunk add-ons.
• Execute Splunk Enterprise upgrades and patches.
• Configure and deploy Splunk forwarders using centralized management tools.
• Maintain and tune Splunk Enterprise Security (ES) content and platform performance.
• Manage knowledge objects, data models, dashboards, alerts and operational content.
• Support API integrations and external system connectivity.
• Develop and maintain engineering and compliance documentation.
• Contribute to Splunk deployment documentation, architecture diagrams and system documentation.
• Enforce role-based access controls and operational security policies.
• Collaborate with cyber analysts and engineering teams to improve detection and response capabilities.
• Apply relevant security policies, standards and technical guidelines to ensure compliance.

What you need to know:

• Strong experience administering and engineering Splunk in large enterprise environments, including upgrades, patching, add-on management and forwarder deployment.
• Hands-on experience with Splunk Enterprise Security (ES), including content configuration, tuning and performance optimization.
• Ability to troubleshoot complex data collection and onboarding issues while maintaining platform stability, integrity and operational security controls (RBAC).
• Proficiency across Unix and Windows environments, with the ability to produce clear engineering and compliance documentation, diagrams and operational artifacts.

Must have’s:

• Bachelor’s degree or 4+ additional years of cybersecurity experience in lieu of a degree.
• 5+ years of experience in an enterprise and/or cybersecurity-focused environment.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Experience with Splunk administration and engineering.
• Experience with Splunk Enterprise Security (ES) operations and configurations.
• Proficiency with Unix and Windows environments.
• DoD 8570 IAT Level II certification (e.g., Security+, CCNA-Security, GSEC).
• Applicants must hold and maintain an active TS/SCI with CI Polygraph.

Beneficial to have:

• Splunk certifications such as Architect, Consultant I/II, Admin or Power User.
• Experience with scripting or programming languages (e.g., Bash, Python, Java, Perl, .NET).
• Familiarity with developing and deploying operational and security use cases within Splunk.

Where it’s done:

• Onsite (Chantilly, VA).