CriticalTilt

SPLUNK ADMINISTRATOR / DEVELOPER (Cleared)

CriticalTilt, Tampa, Florida, US, 33646

Company Overview

CriticalTilt blends 25+ years of specialized experience with a lean, responsive approach, delivering tailored solutions to government agencies and private sector clients. From navigating complex networks to adapting to new compliance demands, we understand our customers’ challenges and are primed to tilt the board toward success for their projects.

Position Overview

CriticalTilt, Inc. is seeking a Splunk Administrator / Developer (Cleared) to support enterprise-scale Splunk platform implementation, optimization, and automation efforts in a secure DoD environment. This engagement requires hands-on expertise with Splunk Enterprise, Enterprise Security (ES), Splunk SOAR, and Splunk User Behavior Analytics (UBA). The contractor will perform all work on-site in Tampa, Florida at a secured government facility and must demonstrate deep technical understanding of Splunk administration, data onboarding, automation playbooks, and behavioral analytics integrations. Active Top Secret clearance is required; SCI eligibility is preferred.

Scope of Services

Install, configure, and maintain Splunk Enterprise and Enterprise Security platforms in accordance with DoD and organizational best practices.

Deploy and configure Splunk SOAR and UBA systems, ensuring secure connectivity, license application, and integration with Enterprise Security.

Develop and test automation playbooks using Python or JavaScript within the Splunk SOAR framework.

Design and implement secure data onboarding workflows for diverse security sources (e.g., DNS, DHCP, Active Directory, firewall, VPN, and endpoint telemetry).

Implement identity resolution and data normalization processes supporting UBA analytics and detection modeling.

Perform tuning, baselining, and false-positive reduction for UBA and SOAR detections.

Conduct infrastructure health checks, search head/indexer performance reviews, and diagnostic troubleshooting.

Integrate Splunk platforms with enterprise authentication systems and configure granular role-based access controls.

Document system configurations, architecture validations, and implementation reports.

Support knowledge transfer and stakeholder enablement sessions on Splunk administration, automation, and operational best practices.

Maintain strict adherence to all information security, change management, and operational governance procedures.

Qualifications - Required

Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent professional experience).

5+ years of Splunk Enterprise administration experience supporting security operations or analytics environments.

2+ years of experience with Splunk SOAR automation or playbook development.

Experience deploying and tuning Splunk UBA or comparable user behavior analytics solutions.

Strong understanding of data normalization (CIM compliance), data pipeline design, and SIEM integration.

Proficiency in scripting (Python, JavaScript, Bash, or PowerShell).

Familiarity with DoD cybersecurity compliance and secure enclave operations.

Active Top Secret clearance required; SCI eligibility preferred.

Certifications (Required or Equivalent)

DoD 8570/8140 Baseline:

CompTIA Security+ CE (minimum); CISSP, CISM, or CASP+ (preferred)

Splunk Certifications:

Splunk Core Certified Power User

Splunk Enterprise Certified Admin

Splunk SOAR Certified Automation Developer (recommended)

Splunk Enterprise Security Certified Admin (highly desirable)

Splunk UBA or behavioral analytics certification (preferred)

Qualifications - Preferred

Experience with common security telemetry sources (firewalls, proxies, EDR, DLP).

Experience with configuration management, CI/CD pipelines, or automation tooling (e.g., Ansible, Git).

Familiarity with Agile or ITIL-based delivery processes.

Physical Demands and Work Environment

While performing the duties of this engagement, the contractor is regularly required to talk or listen and frequently use hands or fingers to handle objects, tools, or controls. The contractor may occasionally stand, walk, sit, reach with hands and arms, climb, balance, stoop, kneel, crouch, or crawl. The contractor must occasionally lift and/or move up to 50 pounds. Specific vision abilities required include close vision, distance vision, color vision, peripheral vision, and the ability to adjust focus. The noise level in the work environment is usually moderate.

Note

This position description in no way states or implies that these are the only duties to be performed under the engagement. The contractor will perform other duties within the scope of services as assigned by CriticalTilt. The engagement is governed under an independent contractor agreement, not an employment contract. Contractors are responsible for their own taxes, insurance, and business expenses.

Equal Opportunity Statement

CriticalTilt, Inc. is an Equal Opportunity Employer. Our policy is to provide equal opportunity to all contractors and applicants without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, or any other status protected by applicable law.
