Splunk Cyber Security SME

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

USPS is seeking an experienced Splunk Subject Matter Expert with strong Engineering skills to join our dynamic team. The ideal candidate will be responsible for designing, deploying, and maintaining on-premises and cloud based Splunk environments to support enterprise-level monitoring, alerting, and reporting. This role demands deep expertise in Splunk system architecture, design, implementation, configuration and operational support in a hybrid on-prem Unix/Linux and cloud-based environment.

Candidates must be able to collaborate across Dev Ops, Security, and IT teams to optimize performance, ensure data integrity, system availability and support mission-critical operations. Proven hands-on experience with a large enterprise wide Splunk environment is mandatory. Off-hours and weekend efforts for systems maintenance, upgrades and support may be required from time to time.

Responsibilities

• Design, deploy and maintain on-premises and cloud-based Splunk environments to support enterprise monitoring, alerting and reporting.
• Architect, implement, configure and operate Splunk in a hybrid Unix/Linux and cloud environment.
• Collaborate with Dev Ops, Security, and IT teams to optimize performance, data integrity and system availability.
• Provide hands-on expertise with large enterprise Splunk environments; perform maintenance, upgrades and incident response as needed.
• Mentor junior team members and communicate technical concepts clearly to technical and non-technical audiences.

Required Skills:

• 5+ years of Splunk experience.
• Manage knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, etc.) through automations, scripting, and management server functions; include .conf and .cfg files for Splunk Enterprise versions.
• Experience with Splunk deployment and configuration management in large-scale environments.
• Proficiency in writing complex SPL queries, dashboards and alerts.
• Experience with REST APIs for Splunk and external system integration.
• Ability to analyze and troubleshoot complex data ingestion and parsing issues.
• Design and develop automation workflows and dashboards.
• Self-starter with a service-oriented mindset; able to work independently to move projects forward.
• Strong problem-solving and the ability to translate research insights into practical solutions.
• Strong communication and collaboration skills for technical and non-technical audiences.
• Experience mentoring and guiding junior researchers or team members.

Preferred

Skills:

• Ability to leverage the Splunk AI Assistant and other AI tools to increase task accuracy and efficiency.
• Advanced knowledge of Unix/Linux and/or Windows system administration and troubleshooting.
• Scripting skills in Bash, Python, JavaScript, SQL and Power Shell for automation and integration.
• Experience with Splunk upgrades, patching, and performance tuning.
• Proficiency in integrating Splunk with cloud platforms (AWS, GCP, Azure).
• Understanding of security and compliance requirements and implementation of RBAC in Splunk.
• Knowledge of logging standards and best practices across application and infrastructure layers.
• Experience with defense-in-depth concepts, network/security architecture, and IT device integrity.
• Experience with data onboarding projects and Splunk Apps for Data Science/Deep Learning or SOAR tooling.
• Experience in cybersecurity, systems/network administration or observability.

Experience

• A minimum of eight (8) to twelve (12) years of relevant experience.
• A degree in an applicable field; if not, four additional years of related experience.
• Typically performs all functional duties independently.
• Special credentials may be required at the Task Order level on a case-specific basis.

Additional Provisions

• Pass a client-mandated clearance process, including drug screening, criminal history check and credit check.
• Eligibility for interim or final security clearance as applicable.
• U.S. citizenship or permanent resident status required.
• Travel restrictions: no more than 6 months travel outside the United States within the last five years (military service excluded).
• Overtime requires pre-approval; overtime reimbursement follows client authorization rules.
• Business casual dress code.

We use Greenhouse Software for applicant tracking and Zoom Scheduler for HR screens. Check your SPAM folder to avoid missing updates on your application.

GuidePoint Security offers a range of benefits and a growing, collaborative workplace. Remote work is common (U.S. based; limited travel for…