Tampa, Florida, USA
13 days ago
Splunk Integration Engineer
REQ#: RQ202538
Public Trust: None
Requisition Type: Regular

Your Impact

Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.

Job Description

Deliver simple solutions to complex problems as a Splunk Integration Engineer at GDIT. Here, you’ll tailor cutting-edge solutions to the unique requirements of our clients. With a career in application development, you’ll make the end user’s experience your priority and we’ll make your career growth ours.

At GDIT, people are our differentiators. As a Splunk Integration Engineer you will help ensure today is safe and tomorrow is smarter. Our work depends on the Splunk Integration Engineer joining our team to support the CITS contract for USCENTCOM based in Tampa, Florida.

The Splunk Integration Engineer will play a key role in the design, implementation, and optimization of Splunk as an enterprise platform, supporting SIEM, IT Service Intelligence (ITSI), User Behavior Analytics (UBA), and Application Performance Monitoring (APM) across a multi-domain environment. This role requires hands-on experience with distributed Splunk architecture and a strategic vision for log management, analytics, and service observability across complex mission systems.

HOW A SYSTEMS ENGINEER ADVISOR WILL MAKE AN IMPACT:

Drive the deployment and ongoing optimization of Splunk components as a core enterprise analytics platform, supporting cybersecurity, IT operations, and business intelligence.

Developing and managing data ingestion pipelines from diverse sources: infrastructure, network, applications, endpoints, and security systems.

Implementing and tuning ITSI services, KPIs, and glass tables to enhance service visibility and operational resilience.

Configuring and maintaining UBA policies and models to support insider threat detection and advanced analytics.

Integrating APM solutions into Splunk for real-time performance insights and troubleshooting across application tiers.

Building scalable and reusable content: dashboards, alerts, correlation rules, analytics workbooks, and compliance reports.

Automating workflows and deployments using SOAR, Python, PowerShell, and CI/CD pipelines where applicable.

Coordinating with mission owners and cross-functional teams to align logging, analytics, and operational needs across domains.

Maintaining detailed documentation of integration architectures, deployment processes, and system configurations.

Supporting system upgrades, patching, and performance tuning across the Splunk platform.

Evaluating and onboarding new data sources to enhance enterprise visibility and threat detection.

Collaborating with cybersecurity, IT operations, and development teams to integrate Splunk into existing workflows.

Developing and maintaining custom apps, technology add-ons (TAs), and integration connectors.

Interfacing with vendors and engineering teams to resolve platform-related issues.

Supporting metrics-driven decision-making by producing data visualizations and reports for leadership.

Mentoring junior analysts and engineers in Splunk usage, development, and administration.

WHAT YOU’LL NEED TO SUCCEED:

Required Experience: 8+ years of related experience

Required Technical Skills:

Applicable DoD 8140 or DoD 8570 Certification

Deep expertise in Splunk Enterprise, ITSI, UBA, and APM modules

Experience designing and supporting Splunk in a multi-domain or cross-network enterprise

Proficiency in data onboarding, normalization (CIM compliance), and custom parsing

Strong understanding of service health modeling and performance baselining in Splunk ITSI

Experience with behavioral analytics, identity telemetry, and insider threat use cases via Splunk UBA

Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation and integration

Knowledge of enterprise infrastructure (Windows/Linux/VMware/Cloud) and app telemetry (APM)

Ability to produce comprehensive documentation and transition solutions into operations

Preferred Skills:

Experience with supporting tools: ForeScout, Trellix, Elastic, ArcSight

Familiarity with cloud-native logging, container monitoring, and microservices instrumentation

Integration with SOAR, threat intel feeds, or case management systems

Knowledge of data privacy, retention, and compliance standards relevant to DoD environments

Splunk Core Certified Power User or Architect Certification

ITSI Implementation or Observability Suite Certification

Experience with USCENTCOM or multi-domain defense networks

Familiarity with Zero Trust and enterprise observability frameworks

ITIL 4 Foundation Certification

Location: On Site-Tampa, FL

Security Clearance Level: TS/SCI clearance required

GDIT IS YOUR PLACE:

401K with company match

Comprehensive health and wellness packages

Internal mobility team dedicated to helping you own your career

Professional growth opportunities including paid education and certifications

Cutting-edge technology you can learn from and utilize to make a real impact on the world around you.

Rest and recharge with paid vacation and holidays
