1

Splunk Cybersecurity Defense Analyst Jobs (NOW HIRING)

Threat Intel & Cyber Defense Analyst Location: Atlanta, GA Threat Intel & Cyber Defense Analyst ... cybersecurity incident responder * Ability to apply analytical expertise and critical thinking to ...

... CYBERSECURITY DEFENSE About Us Working at Target means helping all families discover the joy of ... The Senior Manager is responsible for a managing a shift composed of CSIRT analysts that are ...

Performs network security, cybersecurity defense & analysis, incident response, threat analysis, exploitation analysis, vulnerability analysis, and incident investigations. * Work is performed in a ...

New

Cyber Defense Analyst

Lehi, UT · On-site

$36.62 - $45.77/hr

Cyber Defense Analyst Full-time Lehi, UT You'll be joining Adobe on a contract opportunity ... Experience conducting cybersecurity investigations or related activities * Demonstrated analytical ...

Cyber Defense Analyst

Lehi, UT · Hybrid

$36.62 - $45.77/hr

Cyber Defense Analyst Full-time Lehi, UT You'll be joining Adobe on a contract opportunity ... Experience conducting cybersecurity investigations or related activities * Demonstrated analytical ...

DPP is seeking a Cybersecurity Analyst for our client in the Aerospace & Defense Manufacturing ... Splunk is preferred, but experience with an equivalent SIEM would be acceptable. * Develop and ...

New

Cyber Defense Analyst Location: Lehi UT (HYBRID) Duration: 12 months (Possibility of extension ... Experience: Experience in conducting cybersecurity investigations or related activities.

New

next page

Showing results 1-20

Splunk Cybersecurity Defense Analyst information

See salary details

$43K

$99.4K

$150K

How much do splunk cybersecurity defense analyst jobs pay per year?

As of Jul 16, 2026, the average yearly pay for splunk cybersecurity defense analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

How does a Splunk Cybersecurity Defense Analyst typically collaborate with other IT and security teams?

A Splunk Cybersecurity Defense Analyst frequently works alongside network administrators, incident response teams, and other security professionals to detect, investigate, and remediate threats. Collaboration often involves sharing threat intelligence, creating automated alerts, and developing dashboards to provide visibility into security events across the organization. Analysts also participate in regular meetings to coordinate response strategies, review incident post-mortems, and ensure that Splunk configurations align with evolving security requirements. This cross-functional teamwork is essential for maintaining an effective and proactive cybersecurity posture.

What are Splunk Cybersecurity Defense Analysts?

Splunk Cybersecurity Defense Analysts are professionals who use the Splunk platform to monitor, analyze, and defend an organization’s digital infrastructure against cyber threats. They collect and interpret security data, investigate incidents, and create alerts and dashboards to detect suspicious activity in real-time. Their work helps organizations respond quickly to threats, ensuring the safety and integrity of sensitive information and systems. These analysts often collaborate with IT and security teams to develop best practices for threat detection and response.

What are the key skills and qualifications needed to thrive as a Splunk Cybersecurity Defense Analyst, and why are they important?

To thrive as a Splunk Cybersecurity Defense Analyst, you need a solid understanding of cybersecurity principles, threat analysis, and incident response, typically supported by a degree in information security or related certifications like CompTIA Security+ or GIAC. Proficiency with Splunk Enterprise Security, SIEM platforms, and scripting languages such as Python or PowerShell is essential. Strong analytical thinking, problem-solving abilities, and effective communication are important soft skills for collaborating with teams and responding to security incidents. These skills and qualities are critical for quickly identifying, investigating, and mitigating cyber threats to protect organizational assets.

What is the difference between Splunk Cybersecurity Defense Analyst vs Security Operations Center (SOC) Analyst?

AspectSplunk Cybersecurity Defense AnalystSecurity Operations Center (SOC) Analyst
CertificationsSplunk certifications, CompTIA Security+CompTIA Security+, GIAC certifications
Work EnvironmentPrimarily uses Splunk platform for data analysisMonitors security alerts across various tools in a SOC
Industry UsageFinancial, healthcare, tech sectors leveraging SplunkBroadly in all sectors with security teams
Job FocusAnalyzing security data with Splunk, threat detectionMonitoring, incident response, alert management

While both roles focus on cybersecurity, the Splunk Cybersecurity Defense Analyst specializes in using Splunk for data analysis and threat detection, whereas the SOC Analyst performs broader security monitoring and incident response across multiple tools. The roles often overlap but differ in platform focus and scope of responsibilities.

More about Splunk Cybersecurity Defense Analyst jobs
What cities are hiring for Splunk Cybersecurity Defense Analyst jobs? Cities with the most Splunk Cybersecurity Defense Analyst job openings:
What states have the most Splunk Cybersecurity Defense Analyst jobs? States with the most job openings for Splunk Cybersecurity Defense Analyst jobs include:
Infographic showing various Splunk Cybersecurity Defense Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $99,400 per year, or $47.8 per hour.

Computer Network Defense Analyst

AGE Solutions

Columbus, OH

Other

Re-posted 4 days ago


Job description

AGE Solutions is looking for a Computer Network Defense Analyst (CND Analyst) to provide enterprise-level Cyber Network Defense (CND) support for continuous monitoring, detection, analysis, and response to cybersecurity events and unauthorized activity affecting government information systems and network infrastructure. Supports 24x7x365 cybersecurity operations to maintain confidentiality, integrity, availability, and overall security posture of government networks, systems, applications, and data assets across multiple operational environments.

Responsibilities Include:

  • Performs enterprise Cyber Network Defense (CND) activities in support of continuous cybersecurity operations, including the identification, assessment, investigation, and remediation of cyber threats, security events, and unauthorized activity impacting government systems and network infrastructure. Maintains persistent defensive cyber operations to preserve the security, availability, integrity, and resiliency of government enterprise networks, applications, and data resources across diverse operational environments.
  • Conduct proactive threat hunting activities to identify emerging cyber threats, suspicious activity, and potential vulnerabilities impacting enterprise systems, networks, and operational environments.
  • Initiate and coordinate incident response procedures upon confirmation that a security event or alert meets established cybersecurity incident criteria requiring investigation, containment, and remediation actions.
  • Analyze and correlate cybersecurity data from multiple sources, including host and network IDS/IPS platforms, system logs, packet captures, forensic utilities, and threat intelligence resources, to identify, assess, and investigate potential cyber threats and malicious activity.
  • Evaluate the impact and scope of suspected or confirmed cybersecurity incidents and execute appropriate containment, eradication, and recovery actions to restore affected systems, services, and data while minimizing operational disruption.
  • Document and maintain detailed records of all incident response activities, including detection, containment, eradication, and recovery efforts, in accordance with established government Standard Operating Procedures (SOPs) and Tactics, Techniques, and Procedures (TTPs).
  • Adhere to established Tactics, Techniques, and Procedures (TTPs) while developing After Action Reports (AARs) that document identified deficiencies, lessons learned, corrective actions, and recommendations for continuous process and operational improvement.
  • Develop, customize, and implement cybersecurity countermeasures, including SIEM correlation rules and IDS/IPS signatures, to enhance threat detection capabilities and strengthen the defensive security posture of government enterprise environments.
  • Perform tuning and optimization of cybersecurity detection signatures while documenting all modifications and configuration changes in accordance with established government policies, procedures, and operational guidelines.
  • Ensure prompt notification, escalation, and reporting of cybersecurity incidents to the proper, Program Management Offices (PMOs), Information System Security Managers (ISSMs), USCYBERCOM, JFHQ-DODIN, law enforcement entities, and other designated stakeholders in accordance with established reporting requirements and incident response procedures.
  • Maintain detailed incident journals and ensure all cybersecurity incident reporting, documentation.
  • Perform basic malware analysis and support the forensically sound collection, acquisition, handling, and preservation of volatile, persistent, and environmental incident data in support of cybersecurity investigations and incident response activities.
  • Prepare, document, and submit forensic examination and malware analysis reports in accordance with established cybersecurity investigation, reporting, and incident response requirements.
  • Participate in proactive threat hunting operations utilizing established tools, methodologies, and Standard Operating Procedures (SOPs) to identify suspicious activity, enhance threat detection capabilities, and develop or implement new detection signatures and indicators.
  • Document and maintain detailed records of threat hunting activities, investigative actions, analytical findings, and identified indicators to support cybersecurity operations, reporting, and continuous improvement efforts.
  • Provide cybersecurity training and awareness guidance to Information System Security Managers (ISSMs), system administrators, and end users on the identification, reporting, and escalation of suspicious or potentially malicious cyber activity.
  • Participate in annual incident response tabletop and cybersecurity readiness exercises while assisting in the development of after-action reviews, lessons learned documentation, and process improvement recommendations.
  • Ensure all cybersecurity operational activities, documentation, reporting, and incident response actions are performed in compliance with established government Standard Operating Procedures (SOPs) and required reporting timelines.
  • Maintain, update, and manage cybersecurity documentation, including incident reports, after-action reviews, lessons learned, and operational records to support compliance, reporting, and continuous process improvement initiatives.

Required Skills, Qualifications, and Experience:

  • Experience:
    • Minimum (5) years of relevant experience or related formal education.
    • Minimum (2) years of experience performing root cause analysis of cybersecurity events and incidents.
    • Minimum (2) years of experience analyzing network traffic and/or system logs.
  • Skills and Knowledge:
    • Demonstrate strong written and verbal communication skills with the ability to effectively document, present, and brief cybersecurity incidents to technical teams, leadership, and designated stakeholders.
    • Possess working knowledge of at least two cybersecurity disciplines or operational areas of the following:
      • Firewall,
      • Vulnerability Management,
      • Device Hardening,
      • IDS/IPS,
      • Forensics,
      • Host based antivirus,
      • Malware Analysis.
    • Ability to apply Defense-in-Depth principles and layered cybersecurity strategies to support enterprise security operations.
    • Ability to develop, modify, and interpret scripts using languages such as Perl, Bash, PowerShell, Ruby, and Python.
  • Security Clearance:
    • DoD Top Secret Clearance with SCI eligibility and IT-I access.
  • Certifications:
    • DoD 8570 IAT Level II Certification or higher (one of the following):
      • CompTIA Security+ CE
      • CompTIA Cybersecurity Analyst (CySA+)
      • Systems Security Certified Practitioner (SSCP)
      • GIAC Security Essentials Certification (GSEC)
      • Cisco Certified Network Associate (CCNA)
      • Global Industrial Cyber Security Professional (GICSP).
    • Computing Environment Certification - DoD 8570 CSSP (one of the following):
      • Certified Ethical Hacker (CEH)
      • CompTIA Cybersecurity Analyst (CySA+)
      • GIAC Certified Incident Handler (GCIH)
      • GIAC Certified Forensic Analyst (GCFA)
      • CyberSec First Responder (CFR)
      • Certified SCADA Security Architect (SCYBER).

The projected salary range for this position is $85,000+ annually. Final compensation will be determined based on factors including years of relevant experience, active security clearance level, certifications, technical skillset, contract requirements, and overall qualifications.