About The Position

CriticalTilt, Inc. is seeking a Splunk Administrator / Developer (Cleared) to support enterprise-scale Splunk platform implementation, optimization, and automation efforts in a secure DoD environment. This engagement requires hands-on expertise with Splunk Enterprise, Enterprise Security (ES), Splunk SOAR, and Splunk User Behavior Analytics (UBA). The contractor will perform all work on-site in Tampa, Florida at a secured government facility and must demonstrate deep technical understanding of Splunk administration, data onboarding, automation playbooks, and behavioral analytics integrations.

Requirements

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent professional experience).
  • 5+ years of Splunk Enterprise administration experience supporting security operations or analytics environments.
  • 2+ years of experience with Splunk SOAR automation or playbook development.
  • Experience deploying and tuning Splunk UBA or comparable user behavior analytics solutions.
  • Strong understanding of data normalization (CIM compliance), data pipeline design, and SIEM integration.
  • Proficiency in scripting (Python, JavaScript, Bash, or PowerShell).
  • Familiarity with DoD cybersecurity compliance and secure enclave operations.
  • Active Top Secret clearance required; SCI eligibility preferred.

Nice To Haves

  • Experience with common security telemetry sources (firewalls, proxies, EDR, DLP).
  • Experience with configuration management, CI/CD pipelines, or automation tooling (e.g., Ansible, Git).
  • Familiarity with Agile or ITIL-based delivery processes.

Responsibilities

  • Install, configure, and maintain Splunk Enterprise and Enterprise Security platforms in accordance with DoD and organizational best practices.
  • Deploy and configure Splunk SOAR and UBA systems, ensuring secure connectivity, license installation, and integration with Enterprise Security.
  • Develop and test automation playbooks using Python or JavaScript within the Splunk SOAR framework.
  • Design and implement secure data onboarding workflows for diverse security sources (e.g., DNS, DHCP, Active Directory, firewall, VPN, and endpoint telemetry).
  • Implement identity resolution and data normalization processes supporting UBA analytics and detection modeling.
  • Perform tuning, baselining, and false-positive reduction for UBA and SOAR detections.
  • Conduct infrastructure health checks, search head/indexer performance reviews, and diagnostic troubleshooting.
  • Integrate Splunk platforms with enterprise authentication systems and configure granular role-based access controls.
  • Document system configurations, architecture validations, and implementation reports.
  • Support knowledge transfer and stakeholder enablement sessions on Splunk administration, automation, and operational best practices.
  • Maintain strict adherence to all information security, change management, and operational governance procedures.
© 2024 Teal Labs, Inc