Splunk Integration Engineer

General Dynamics Information Technology

Today
Top Secret/SCI
Tampa, FL (On-Site/Office)

Deliver simple solutions to complex problems as a Splunk Integration Engineer at GDIT. Here, you'll tailor cutting-edge solutions to the unique requirements of our clients. With a career in application development, you'll make the end user's experience your priority and we'll make your career growth ours.

At GDIT, people are our differentiators. As a Splunk Integration Engineer you will help ensure today is safe and tomorrow is smarter. Our work depends on the Splunk Integration Engineer joining our team to support the CITS contract for USCENTCOM based in Tampa, Florida.

The Splunk Integration Engineer will play a key role in the design, implementation, and optimization of Splunk as an enterprise platform, supporting SIEM, IT Service Intelligence (ITSI), User Behavior Analytics (UBA), and Application Performance Monitoring (APM) across a multi-domain environment. This role requires hands-on experience with distributed Splunk architecture and a strategic vision for log management, analytics, and service observability across complex mission systems.

HOW A SYSTEMS ENGINEER ADVISOR WILL MAKE AN IMPACT:
  • Driving the deployment and ongoing optimization of Splunk components as a core enterprise analytics platform, supporting cybersecurity, IT operations, and business intelligence.
  • Developing and managing data ingestion pipelines from diverse sources: infrastructure, network, applications, endpoints, and security systems.
  • Implementing and tuning ITSI services, KPIs, and glass tables to enhance service visibility and operational resilience.
  • Configuring and maintaining UBA policies and models to support insider threat detection and advanced analytics.
  • Integrating APM solutions into Splunk for real-time performance insights and troubleshooting across application tiers.
  • Building scalable and reusable content: dashboards, alerts, correlation rules, analytics workbooks, and compliance reports.
  • Automating workflows and deployments using SOAR, Python, PowerShell, and CI/CD pipelines where applicable.
  • Coordinating with mission owners and cross-functional teams to align logging, analytics, and operational needs across domains.
  • Maintaining detailed documentation of integration architectures, deployment processes, and system configurations.
  • Supporting system upgrades, patching, and performance tuning across the Splunk platform.
  • Evaluating and onboarding new data sources to enhance enterprise visibility and threat detection.
  • Collaborating with cybersecurity, IT operations, and development teams to integrate Splunk into existing workflows.
  • Developing and maintaining custom apps, technology add-ons (TAs), and integration connectors.
  • Interfacing with vendors and engineering teams to resolve platform-related issues.
  • Supporting metrics-driven decision-making by producing data visualizations and reports for leadership.
  • Mentoring junior analysts and engineers in Splunk usage, development, and administration.


WHAT YOU'LL NEED TO SUCCEED:
  • Required Experience: 8+ years of related experience
  • Required Technical Skills:
    • Applicable DoD 8140 or DoD 8570 Certification
    • Deep expertise in Splunk Enterprise, ITSI, UBA, and APM modules
    • Experience designing and supporting Splunk in a multi-domain or cross-network enterprise
    • Proficiency in data onboarding, normalization (CIM compliance), and custom parsing
    • Strong understanding of service health modeling and performance baselining in Splunk ITSI
    • Experience with behavioral analytics, identity telemetry, and insider threat use cases via Splunk UBA
    • Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation and integration
    • Knowledge of enterprise infrastructure (Windows/Linux/VMware/Cloud) and app telemetry (APM)
    • Ability to produce comprehensive documentation and transition solutions into operations
  • Preferred Skills:
    • Experience with supporting tools: ForeScout, Trellix, Elastic, ArcSight
    • Familiarity with cloud-native logging, container monitoring, and microservices instrumentation
    • Integration with SOAR, threat intel feeds, or case management systems
    • Knowledge of data privacy, retention, and compliance standards relevant to DoD environments
    • Splunk Core Certified Power User or Architect Certification
    • ITSI Implementation or Observability Suite Certification
    • Experience with USCENTCOM or multi-domain defense networks
    • Familiarity with Zero Trust and enterprise observability frameworks
    • ITIL 4 Foundation Certification
  • Location: On Site-Tampa, FL
  • Security Clearance Level: TS/SCI clearance required


GDIT IS YOUR PLACE:
  • 401K with company match
  • Comprehensive health and wellness packages
  • Internal mobility team dedicated to helping you own your career
  • Professional growth opportunities including paid education and certifications
  • Cutting-edge technology you can learn from and utilize to make a real impact on the world around you
  • Rest and recharge with paid vacation and holidays


About Us
We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important.

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day.

Clearance Level
Top Secret/SCI