SOC Analyst (Tier 1)

Splunk SOC Analyst I (Tier 1) - Hybrid, Herndon, VA

Schedule: 4x10 Schedule (40 hours/week)

Shift: Permanent Shift Assignment (Days, Evenings, or Overnights)

Our IT Services client is seeking three Tier 1 SOC Analysts to join a growing Security Operations Center supporting a large public sector environment. This is an excellent opportunity for early-career cybersecurity professionals looking to build hands-on experience in a mature SOC while working alongside Security Engineering, Threat Hunting, Network Security, and Incident Response teams.

If you enjoy investigating security alerts, working in Splunk, and developing your cybersecurity career in a collaborative environment, we'd love to speak with you.

What You'll Do

• Monitor and investigate security events using Splunk SIEM
• Perform Tier 1 triage of security alerts and determine appropriate next steps
• Execute established incident response playbooks and escalation procedures
• Document investigations and manage tickets throughout the incident lifecycle
• Escalate security incidents to senior analysts and engineering teams when appropriate
• Respond to customer inquiries regarding security events and ongoing investigations
• Monitor network, endpoint, and security alerts in a 24x7 SOC environment
• Collaborate closely with Threat Hunting, Security Engineering, Network, and Web Security teams
• Maintain accurate documentation while meeting established SLAs
• Assist with identifying suspicious activity and emerging threats

Required Qualifications

• 1-3 years of experience in a Security Operations Center (SOC)
• Hands-on experience using Splunk in a production environment
• Familiarity with basic Splunk searches and investigations
• Active CompTIA Security certification (required)
• Understanding of incident response fundamentals
• Knowledge of networking concepts and cybersecurity fundamentals
• Strong written and verbal communication skills
• Ability to work one permanent 10-hour shift in a 24x7 SOC

Preferred Qualifications

• Splunk certification (Core User or higher)
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
• Experience with threat hunting or threat intelligence
• Experience working with ticketing systems such as ServiceNow
• Familiarity with MITRE ATT&CK or similar security frameworks

Work Schedule

• 4-day work week (40 hours)
• Permanent shift assignment (no rotating shifts)
• Available shifts include:
• Days: 6:00 AM – 4:00 PM
• Evenings: 2:00 PM – 12:00 AM
• Overnights: 10:00 PM – 8:00 AM
• Weekend coverage is part of the normal schedule depending on assigned shift

Additional Requirements

• Must reside within the DMV area (Virginia, Maryland, or Washington, DC)
• Must be able to work a hybrid schedule (2 days onsite in the Herndon, VA area)
• Must be authorized to work in the United States (U.S. Citizen or Green Card holder)
• Must successfully complete required client background screening and fingerprinting

Why This Opportunity?

• Gain experience in a large-scale enterprise SOC
• Daily exposure to Splunk and modern security operations
• Work alongside experienced Security Engineers and Threat Hunters
• Support a mission-critical cybersecurity environment
• Excellent opportunity to grow into Tier 2 SOC Analyst or Security Engineering roles