1

Splunk Cybersecurity Defense Analyst Jobs (NOW HIRING)

Senior Cyber Defense Analyst - NIGHT Shift Lead Step into a high-impact cyber defense leadership ... Experience with Mavin, Power BI, JIRA, ServiceNow, Elastic, Splunk, Microsoft Defender, Zeek ...

$97K - $126K/yr

Senior Cyber Defense Analyst - NIGHT Shift Lead Step into a high-impact cyber defense leadership ... Experience with Mavin, Power BI, JIRA, ServiceNow, Elastic, Splunk, Microsoft Defender, Zeek ...

next page

Showing results 1-20

Splunk Cybersecurity Defense Analyst information

See salary details

$43K

$99.4K

$150K

How much do splunk cybersecurity defense analyst jobs pay per year?

As of Jul 16, 2026, the average yearly pay for splunk cybersecurity defense analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

How does a Splunk Cybersecurity Defense Analyst typically collaborate with other IT and security teams?

A Splunk Cybersecurity Defense Analyst frequently works alongside network administrators, incident response teams, and other security professionals to detect, investigate, and remediate threats. Collaboration often involves sharing threat intelligence, creating automated alerts, and developing dashboards to provide visibility into security events across the organization. Analysts also participate in regular meetings to coordinate response strategies, review incident post-mortems, and ensure that Splunk configurations align with evolving security requirements. This cross-functional teamwork is essential for maintaining an effective and proactive cybersecurity posture.

What are Splunk Cybersecurity Defense Analysts?

Splunk Cybersecurity Defense Analysts are professionals who use the Splunk platform to monitor, analyze, and defend an organization’s digital infrastructure against cyber threats. They collect and interpret security data, investigate incidents, and create alerts and dashboards to detect suspicious activity in real-time. Their work helps organizations respond quickly to threats, ensuring the safety and integrity of sensitive information and systems. These analysts often collaborate with IT and security teams to develop best practices for threat detection and response.

What are the key skills and qualifications needed to thrive as a Splunk Cybersecurity Defense Analyst, and why are they important?

To thrive as a Splunk Cybersecurity Defense Analyst, you need a solid understanding of cybersecurity principles, threat analysis, and incident response, typically supported by a degree in information security or related certifications like CompTIA Security+ or GIAC. Proficiency with Splunk Enterprise Security, SIEM platforms, and scripting languages such as Python or PowerShell is essential. Strong analytical thinking, problem-solving abilities, and effective communication are important soft skills for collaborating with teams and responding to security incidents. These skills and qualities are critical for quickly identifying, investigating, and mitigating cyber threats to protect organizational assets.

What is the difference between Splunk Cybersecurity Defense Analyst vs Security Operations Center (SOC) Analyst?

AspectSplunk Cybersecurity Defense AnalystSecurity Operations Center (SOC) Analyst
CertificationsSplunk certifications, CompTIA Security+CompTIA Security+, GIAC certifications
Work EnvironmentPrimarily uses Splunk platform for data analysisMonitors security alerts across various tools in a SOC
Industry UsageFinancial, healthcare, tech sectors leveraging SplunkBroadly in all sectors with security teams
Job FocusAnalyzing security data with Splunk, threat detectionMonitoring, incident response, alert management

While both roles focus on cybersecurity, the Splunk Cybersecurity Defense Analyst specializes in using Splunk for data analysis and threat detection, whereas the SOC Analyst performs broader security monitoring and incident response across multiple tools. The roles often overlap but differ in platform focus and scope of responsibilities.

More about Splunk Cybersecurity Defense Analyst jobs
What cities are hiring for Splunk Cybersecurity Defense Analyst jobs? Cities with the most Splunk Cybersecurity Defense Analyst job openings:
What states have the most Splunk Cybersecurity Defense Analyst jobs? States with the most job openings for Splunk Cybersecurity Defense Analyst jobs include:
Infographic showing various Splunk Cybersecurity Defense Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $99,400 per year, or $47.8 per hour.

Cyber Defense Analyst 3 with Security Clearance

The Swift Group

Annapolis Junction, MD • On-site

Other

Re-posted 24 days ago


Job description

For the OPS Consulting team, 'the power to help' means helping our clients, helping serve the mission, helping our employees and their families, and helping the community. Headquartered in Hanover, MD. OPS Consulting has over two decades of experience specializing in the most mission-critical operations. We are thought leaders and innovators. The ingenuity of our developers, engineers, cyber experts, linguists, and analysts are dedicated to empowering our clients, fulfilling The Mission, and remaining trusted leaders and advisers in national security and technology solutions. We are looking for a Cyber Defense Analyst 3 to join a growing team in Annapolis Junction, MD . Responsibilities: * Use cyber defense tools to monitor, detect, analyze, categorize, and perform initial triage of anomalous activity. * Generate cybersecurity cases (including event's history, status, and potential impact for further action) and route as appropriate. * Perform advanced manual analysis to hunt previously unidentified threats. * Identify cyber-attack phases based on knowledge of common attack vectors and network layers, models and protocols. * Apply techniques for detecting host- and network-based intrusions. * Analyze malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information. * Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack. * Possess deep knowledge of active directory abuse used by attackers for lateral movement and persistence. * Perform after-action reviews of team products to ensure completion of analysis. * Lead and mentor team members as a technical expert. Requirements: * Eight (8) years of demonstrated experience as a CDA in programs and contracts of similar scope, type, and complexity.
* A technical bachelor's degree from an accredited college or university may be substituted for two (2) years of CDA experience.
* Two (2) years of demonstrated and practical experience in TCP/IP fundamentals. * Two (2) years of demonstrated experience with tcpdump or Wireshark.
* Three (3) years of demonstrated experience using security information and event management suites (such as Splunk, ArcSight, Kibana, LogRhythm).
* Three (3) years of demonstrated experience in network analysis and threat analysis software utilization.
* CSSP Analyst baseline certification (e.g., CEH, CySA+, CFR, etc.)
* IAT Level I or II certification
* Computing Environment (CE) certification for supported systems
* Global Information Assurances Certificate (GIAC) OR Global Certified Incident Handler (GCIH)
* US citizenship and an active TS/SCI with Polygraph security clearance required