Splunk SOC Analyst
About The Position
Splunk SOC Analyst Remote, MUST reside in Washington or Texas, W2 hourly plus benefits Applicants must be currently authorized to work in the United States on a full-time basis AND reside in either Washington state or Texas. The employer will not sponsor applicants for work visas. The employer may not have resources available to support STEM OPT training requirements. No C2C - Pivotal does not accept unsolicited applications or resumes from third-party recruiters/agencies. Why clients choose Pivotal Consulting: We are a technology management consulting firm helping Fortune 500 companies improve their performance – we specialize in making People, Process, and Technology work together! Our clients count on us to deliver excellence and seek our guidance on business and technology strategy, technology modernization, and cloud transformation initiatives. Simply put; by listening to our clients closely and focusing on delivering quality, we bring them peace of mind. After guiding and helping numerous clients from global enterprises to mid-market firms to non-profit organizations, we are now experiencing breakthrough growth! What we are looking for: We are seeking an experienced Security Operations Center (SOC) Analyst with strong Splunk expertise to support ongoing security operations for a major global technology client . In this role, you will identify, analyze, and respond to cybersecurity incidents while leveraging Splunk for threat detection, correlation, and response automation. You will collaborate closely with the client’s internal security teams and contribute to the maturity of their SOC capabilities.
Requirements
- 7+ years of experience working in a Security Operations Center (SOC) or cyber incident response role.
- Advanced Splunk experience in both operational monitoring and content development.
- Experience with Crowdstrike, Okta & Cloudtrail.
- Strong understanding of SIEM and SOAR principles, detection engineering, and log correlation.
- Solid knowledge of common security frameworks, including MITRE ATT&CK and NIST.
- Familiarity with network protocols, firewalls, IDS/IPS, and endpoint protection tools.
- Proven ability to handle high-volume security data and triage incidents efficiently.
Nice To Haves
- Industry certifications such as Splunk Certified Power User, Security+, CEH, GCIA, or GCIH.
- Experience in scripting (Python, PowerShell) for SOC automation.
- Exposure to cloud security monitoring (AWS, Azure, or GCP).
Responsibilities
- Monitor and analyze security events using Splunk to identify potential threats and vulnerabilities.
- Investigate and respond to security incidents, providing detailed root cause analysis and remediation support.
- Develop and fine-tune Splunk queries, dashboards, alerts, and correlation rules to enhance threat visibility.
- Conduct proactive threat hunting and anomaly detection across large data sets.
- Document incident findings and create post-incident reports for stakeholders.
- Collaborate with infrastructure and application teams to ensure proper log ingestion and data normalization.
- Participate in security process improvements and recommend automation or workflow enhancements.
Benefits
- medical
- dental
- vision insurance
- 401k
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
