ZipRecruiter

Log In

1

Splunk Cybersecurity Defense Analyst Jobs in Reston, VA

ECS

Cybersecurity Analyst (CDAP) - Senior

Fairfax, VA · On-site

$99K - $128K/yr

... Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility. The Cybersecurity Analyst (CDAP) performs monitoring and analysis of security telemetry within CDAP, conducts alert ...

Leidos

Senior Cybersecurity Engineer

Alexandria, VA · On-site

Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst ... Splunk, ELK). * Experience analyzing threats, vulnerabilities, and system security posture.

Leidos

Senior Cybersecurity Engineer

Alexandria, VA · On-site

Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst ... Splunk, ELK). * Experience analyzing threats, vulnerabilities, and system security posture.

Link Solutions, Inc.

Splunk Engineer

Adelphi, MD

Delivering a broad range of Infrastructure Operations, Application Development, Cybersecurity ... Work at the forefront of defense innovation in a DoD research environment. You'll support hybrid ...

NewGen

Cyber Network Defense Analyst II

Arlington, VA · On-site

... cybersecurity analysis capabilities. Team personnel provide front line response for digital ... They are seeking Cyber Network Defense Analysts (CNDA) to support this critical customer mission.

next page

Showing results 1-20

All JobsSplunk Cybersecurity Defense Analyst JobsSplunk Cybersecurity Defense Analyst Jobs in Reston, VA

Splunk Cybersecurity Defense Analyst information

See Reston, VA salary details

$44.7K

$103.4K

$156.1K

How much do splunk cybersecurity defense analyst jobs pay per year?

As of Jun 10, 2026, the average yearly pay for splunk cybersecurity defense analyst in Reston, VA is $103,411.00, according to ZipRecruiter salary data. Most workers in this role earn between $82,700.00 and $120,200.00 per year, depending on experience, location, and employer.

How does a Splunk Cybersecurity Defense Analyst typically collaborate with other IT and security teams?

A Splunk Cybersecurity Defense Analyst frequently works alongside network administrators, incident response teams, and other security professionals to detect, investigate, and remediate threats. Collaboration often involves sharing threat intelligence, creating automated alerts, and developing dashboards to provide visibility into security events across the organization. Analysts also participate in regular meetings to coordinate response strategies, review incident post-mortems, and ensure that Splunk configurations align with evolving security requirements. This cross-functional teamwork is essential for maintaining an effective and proactive cybersecurity posture.

What are Splunk Cybersecurity Defense Analysts?

Splunk Cybersecurity Defense Analysts are professionals who use the Splunk platform to monitor, analyze, and defend an organization’s digital infrastructure against cyber threats. They collect and interpret security data, investigate incidents, and create alerts and dashboards to detect suspicious activity in real-time. Their work helps organizations respond quickly to threats, ensuring the safety and integrity of sensitive information and systems. These analysts often collaborate with IT and security teams to develop best practices for threat detection and response.

What are the key skills and qualifications needed to thrive as a Splunk Cybersecurity Defense Analyst, and why are they important?

To thrive as a Splunk Cybersecurity Defense Analyst, you need a solid understanding of cybersecurity principles, threat analysis, and incident response, typically supported by a degree in information security or related certifications like CompTIA Security+ or GIAC. Proficiency with Splunk Enterprise Security, SIEM platforms, and scripting languages such as Python or PowerShell is essential. Strong analytical thinking, problem-solving abilities, and effective communication are important soft skills for collaborating with teams and responding to security incidents. These skills and qualities are critical for quickly identifying, investigating, and mitigating cyber threats to protect organizational assets.

What is the difference between Splunk Cybersecurity Defense Analyst vs Security Operations Center (SOC) Analyst?

AspectSplunk Cybersecurity Defense AnalystSecurity Operations Center (SOC) Analyst
CertificationsSplunk certifications, CompTIA Security+CompTIA Security+, GIAC certifications
Work EnvironmentPrimarily uses Splunk platform for data analysisMonitors security alerts across various tools in a SOC
Industry UsageFinancial, healthcare, tech sectors leveraging SplunkBroadly in all sectors with security teams
Job FocusAnalyzing security data with Splunk, threat detectionMonitoring, incident response, alert management

While both roles focus on cybersecurity, the Splunk Cybersecurity Defense Analyst specializes in using Splunk for data analysis and threat detection, whereas the SOC Analyst performs broader security monitoring and incident response across multiple tools. The roles often overlap but differ in platform focus and scope of responsibilities.

What are popular job titles related to Splunk Cybersecurity Defense Analyst jobs in Reston, VA? For Splunk Cybersecurity Defense Analyst jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Splunk Cybersecurity Defense Analyst jobs in Reston, VA look for? The top searched job categories for Splunk Cybersecurity Defense Analyst jobs in Reston, VA are:
What cities near Reston, VA are hiring for Splunk Cybersecurity Defense Analyst jobs? Cities near Reston, VA with the most Splunk Cybersecurity Defense Analyst job openings:
Splunk Cybersecurity Defense Analyst jobs near you
Infographic showing various Splunk Cybersecurity Defense Analyst job openings in Reston, VA as of June 2026, with employment types broken down into 82% Full Time, and 18% Contract. Highlights an 100% In-person job distribution, with an average salary of $103,411 per year, or $49.7 per hour.
Cybersecurity Analyst (CDAP) - Senior

Cybersecurity Analyst (CDAP) - Senior

ECS

Fairfax, VA • On-site

$99K - $128K/yr

Full-time

Posted 14 days ago

Job description

Position Summary
ECS is seeking a Cybersecurity Analyst (CDAP) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support, contributing to a comprehensive and proactive cybersecurity program that defends ARNG classified and unclassified network environments and enables Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility. The Cybersecurity Analyst (CDAP) performs monitoring and analysis of security telemetry within CDAP, conducts alert triage and log analysis, documents findings, supports remediation tracking, and assists with dashboard updates and detection tuning in coordination with SOC and defensive cyber personnel.
In this role, the analyst helps protect mission-critical enterprise services supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The position operates within the ARNG cyber mission supporting Title 10 and Title 32 operations, mobilization readiness, domestic emergency response, and both classified SIPRNet and unclassified environments. The role aligns with ENOCS cybersecurity operations that leverage integrated SIEM/C2C/DLP analytics, USIEM data sources, MITRE ATT&CK-based analytics, and coordination with the NETCOM Global Cyber Center and DISA DCDC to strengthen continuous monitoring, threat detection, and ARNG cybersecurity policy compliance.
Please Note: This position is contingent upon contract award.
Responsibilities
  • Monitor and analyze CDAP security telemetry to identify potential threats, anomalous activity, and security misconfigurations affecting ARNG classified and unclassified network environments.
  • Perform alert triage, log review, and basic correlation using established analytic rules to support Task 3 cybersecurity operations and continuous monitoring objectives.
  • Document investigative findings, maintain clear records of observed conditions, and support remediation tracking in coordination with SOC and defensive cyber personnel.
  • Assist with dashboard updates to improve visibility into cyber conditions, incident trends, and operational status across the DoDIN-Army-NG area of responsibility.
  • Support detection tuning under senior oversight to improve the quality and relevance of cyber alerts and monitoring outputs within CDAP.
  • Contribute to monitoring activities that align with integrated SIEM/C2C/DLP analytics and USIEM-enabled visibility used to centralize threat detection and response.
  • Apply established analytic approaches that support MITRE ATT&CK-based detection and analysis methods used across ENOCS cybersecurity operations.
  • Coordinate with cybersecurity operations stakeholders supporting 24x7x365 monitoring, incident escalation, and defensive actions in concert with broader SOC processes.
  • Support cybersecurity activities performed in coordination with the NETCOM Global Cyber Center and DISA DCDC to help maintain ARNG cyber freedom of action and policy compliance.

Required Qualifications
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
Experience: 3+ years of experience in cybersecurity
  • Experience monitoring security events, alerts, and logs to identify suspicious activity, misconfigurations, or indicators requiring further analysis.
  • Experience documenting findings and maintaining remediation or follow-up actions with accuracy and attention to detail.
  • Familiarity with continuous monitoring activities supporting DoD and ARNG cybersecurity policy compliance.
  • Ability to support dashboard maintenance and reporting used to communicate cybersecurity status and trends.
  • Experience working with SOC or defensive cyber personnel in an operational cybersecurity environment.
  • Familiarity with security telemetry analysis and rule-based alert correlation.
  • Ability to support cybersecurity operations across both classified and unclassified environments.
  • Familiarity with MITRE ATT&CK-based analytic methods and SIEM-driven monitoring concepts referenced in the ENOCS environment.

Apply