SOC Analyst / Splunk Administrator

Apex Systems is seeking a SOC Analyst / Splunk Administrator to work partially remote, with onsite presence in Washington, D.C. for 1 day per week.

This hybrid role bridges SOC Analysis with Splunk Engineering and Content Creation. The candidate should be skilled in administering Splunk, creating custom SPL content, managing data in a SIEM, and conducting security investigations using Splunk ES.

The mid-tier candidate will have a solid understanding of cyber threats, TTPs, Threat Actors, Campaigns, and Observables, and be proficient in creating dashboards and notables in Splunk.

Familiarity with SOC tools such as intrusion detection systems, SIEM platforms, endpoint threat detection, and security operations ticketing is also desirable.

• Must be a U.S. Citizen eligible for a Public Trust clearance.
• 2-5 years of experience in network defense environments.
• Splunk Admin Certification is required; equivalent experience of 15+ years may substitute.
• Strong analytical skills in computer network defense, incident handling, hunting, and malware analysis.
• Experience analyzing security events to identify true positives, conducting incident investigations, and implementing countermeasures.
• Hands-on experience with managing and optimizing Splunk Enterprise Security.
• Experience with data source management, troubleshooting, and onboarding.
• Proficiency in dashboard and notable creation, visualizations, and report generation.
• Ability to develop rules, filters, views, signatures, and scripts for analysis and detection.
• Strong logical thinking, especially analyzing host and network security events.
• Excellent organizational skills and attention to detail.
• Knowledge of operating systems (Windows, macOS, Linux), Active Directory, networking protocols, and internet standards.
• Experience with implementing security countermeasures in enterprise networks.
• Strong communication skills.

• Researching emerging threats and recommending monitoring strategies.
• Experience with tools like FireEye, Palo Alto, and MS O365.
• Relevant certifications such as Security+, CySA+, GCIA, GCIH.
• Scripting or automation experience.
• Knowledge of cloud security monitoring (AWS, Azure).

EEO Employer

Apex Systems is an equal opportunity employer committed to diversity and inclusion. We consider qualified applicants with criminal histories in accordance with applicable laws. For accommodations during the application process, contact employeeservices@apexsystems.com or call 844-463-6178.

Apex is a leading IT services company serving clients worldwide. We value innovation, collaboration, and continuous learning, offering extensive resources, training, certifications, and benefits. Recognized for excellence, we have received awards such as ClearlyRated's Best of Staffing and Great Place to Work awards.

Our benefits include medical, dental, vision, life, disability insurance, an Employee Stock Purchase Program, 401K with company match, HSA, Employee Assistance Program, discounts, professional development resources, and more. We support your growth with training, certifications, and leadership courses, along with dedicated support teams and career coaching.