TDI is seeking a Senior AIOps Engineer to lead ITSM transformation efforts within a secure mission environment. As the technical lead for this initiative, you will orchestrate integrations across existing Network Engineering, ServiceNow, and SolarWinds teams. You will use Splunk and the Machine Learning Toolkit to provide descriptive and predictive analytics and establish closed-loop automated incident response, ensuring the high availability of mission-essential infrastructure.
This position requires fully onsite support in the Fort Belvoir, VA area and an active TS/SCI level clearance.
RESPONSIBILITIES:
- Lead AIOps platform integration efforts across Network Engineering, ServiceNow, and SolarWinds teams to establish unified observability and telemetry capabilities.
- Architect and maintain Splunk AIOps and ITSI solutions across classified and unclassified environments, delivering real-time situational awareness, event correlation, and automated incident remediation through ServiceNow integration.
- Develop and deploy advanced analytics and machine learning models using Splunk MLTK to detect anomalies, identify cyber threats, predict infrastructure issues, and reduce alert fatigue.
- Engineer secure telemetry ingestion and correlation pipelines from enterprise infrastructure, cross-domain solutions, and tactical edge systems to provide a comprehensive view of operational health.
- Support defensive cyber operations by integrating AIOps insights into security workflows, while ensuring compliance with DoD STIGs, IL5/IL6 requirements, and maintaining technical and architectural documentation.
QUALIFICATIONS:
- Active TS/SCI security clearance
- Candidates must possess DoD IAT Level II certification (e.g., Security+ CE, CySA+, GSEC, or SSCP)
- Bachelor's degree and 7+ years of Splunk Enterprise experience, including architecture, cluster administration, and advanced SPL development.
- 3+ years of experience implementing AIOps workflows and integrating Splunk with ServiceNow or other enterprise ITSM platforms.
- Experience building, tuning, and deploying machine learning models using Splunk MLTK.
- Strong scripting and automation skills, including Python, API integrations, custom search commands, and automated remediation solutions.
- Must be able to present designs, plans, and analyses of alternatives to technical leadership boards for approvals.
- Splunk Enterprise Certified Architect or Splunk ITSI Certified Admin.
- Experience with Cloud Native Computing Foundation (CNCF) observability tools in secure hybrid multi-cloud environments (Azure/AWS).
Skills Required
- Active TS/SCI security clearance
- Fully onsite support to Fort Belvoir, VA
- DoD IAT Level II certification (e.g., Security+ CE, CySA+, GSEC, or SSCP)
- Bachelor's degree
- 7+ years of Splunk Enterprise experience including architecture, cluster administration, and advanced SPL development
- 3+ years implementing AIOps workflows and integrating Splunk with ServiceNow or other enterprise ITSM platforms
- Experience building, tuning, and deploying machine learning models using Splunk MLTK
- Strong scripting and automation skills, including Python, API integrations, custom search commands, and automated remediation solutions
- Ability to present designs, plans, and analyses of alternatives to technical leadership boards
- Splunk Enterprise Certified Architect or Splunk ITSI Certified Admin
- Experience with CNCF observability tools in secure hybrid multi-cloud environments (Azure/AWS)
What We Do
For over 20 years, TDI’s one and only passion has been delivering cybersecurity solutions to effectively manage the business of cyber. At the global vanguard of innovation, we created Cybersecurity Performance Management (CPM) and the industry-leading CPM platform, CnSight®. Combining CnSight® with our remarkable historical experience and our exceptional capabilities of cyber operations and compliance, we offer Managed Cybersecurity Performance, a first of its kind managed CPM offering. TDI’s CPM solutions mitigate risk, reduce ransomware, provide continuous compliance, improve cyber-ROI, and provide comprehensive instantaneous visibility into how an organization is performing against its cyber strategy, particularly for Boards of Directors.

CnSight® is the industry-leading Cybersecurity Performance Management (CPM) platform which mitigates risk, reduces ransomware, provides continuous compliance, improves cyber-ROI, and provides comprehensive instantaneous visibility into how an organization is performing against its cyber strategy, so executives and Boards may effectively manage the business of cybersecurity – the result: reduced stress, better performance, less cost, and a true understanding of cyber investment.

With CnSight® at its core, TDI’s Managed Cybersecurity Performance offering ensures strategic cyber goals are met to protect an organization’s investments, assets and reputation by reducing the risk of ransomware, lowering cyber insurance premiums, improving ROI, reducing legal and fiduciary liability, delivering actionable reporting to the Board and C-Suite, providing on-call advice, ensuring continuous compliance and providing subject matter expertise on the organization’s behalf in meeting with the C-Suite and the Board, dealing with auditors, and supporting budget decisions – the result: reduced stress, better performance, less cost, and a true understanding of cyber investment.






