Splunk Analyst
USA-MD-Fort Detrick
Full Time Entry-level / Junior Clearance required USD 96K - 159K
General information
Requisition #: R60496
Locations: USA-MD-Fort Detrick
Posting Date: 05/19/2025
Security Clearance Required: Public Trust/Suitability
Remote Type: Hybrid
Time Type: Full time
Description & Requirements
Transform the future of federal services with ManTech! Join a vibrant, energetic team committed to enhancing national security and public services through innovative tech. Since 1968, we’ve partnered with Federal Civilian sectors to deliver impactful solutions. Engage in exciting projects in Digital Transformation, Cybersecurity, IT, Data Analytics and more. Ignite your career and drive change. Your journey starts now—innovate and excel with ManTech!
ManTech seeks a motivated, career and customer-oriented Splunk Analyst to join our team in Ft Detrick. This is a hybrid position with 3 days onsite and 2 days remote.
Responsibilities include but are not limited to:
Administration of Splunk, creating custom content with SPL, data administration in a SIEM, and performing security investigations through Splunk ES.
Identification of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables.
Create Splunk dashboards, alarms and reports.
Work with tools commonly deployed in a SOC environment such as intrusion detection systems, intrusion analysis systems, security information event management platforms (SIEM), endpoint threat detection tools, and security operations ticket management.
Minimum Qualifications:
Bachelor’s degree in information technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET accredited or CAE designated institution. Six years’ experience in a related field in addition to one of the following current certifications are required: Cloud+, GICSP, SSCP, Security+, GSEC, FITSP-O, GFACT, CASP+, CCNP Security, or CCSP may be substituted for a degree.
Two or more years of hands-on experience with Splunk, demonstrated through work experience and/or military experience. Splunk Core Certified Power User or Advanced Power User.
Hands on experience with managing data sources, data alignment, and data curation. This includes troubleshooting missing events, working with data source owners to onboard new data sources and/or troubleshoot existing ones.
Hands on experience with dashboard and notable creation – visualizations, report generation, and general content creation.
Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
Strong logical/critical thinking abilities, especially analyzing security events from host and network event sources (e.g., Windows event logs, AV, EDR, network traffic, IDS events) for malicious intent. Experience with the identification and implementation of countermeasures or mitigating controls for deployment and implementation in the enterprise network environment.
A working knowledge of the various operating systems (e.g., Windows, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
Preferred Qualifications:
An understanding in researching Emerging Threats and recommending monitoring content within security tools.
Experience with scripting or automation.
Familiarity with cloud security monitoring (e.g., AWS, Azure)
Clearance Requirements:
Must be a US Citizen and willing to obtain and maintain a DOD Public Trust and undergo a Tier 3 investigation with favorable results prior to starting this position.
Physical Requirements:
Must be able to be in a stationary position more than 50% of the time
Constantly operates a computer and other office productivity machinery, such as a computer
The person in this position frequently communicates with co-workers, management and clients, which may involve delivering presentations, and must be able to exchange accurate information in these situations
The projected compensation range for this position is $96,100.00-$159,900.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, ManTech invests in its employees beyond just compensation. ManTech’s benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, Short Term and Long Term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections.
ManTech International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation.
If you need a reasonable accommodation to apply for a position with ManTech, please email us at careers@mantech.com and provide your name and contact information.
Tags: Active Directory Analytics Automation AWS Azure CASP+ CCNP CCSP Clearance Clearance Required Cloud Computer Science Content creation Data Analytics DNS DoD EDR GICSP GSEC IDS Intrusion detection Linux Monitoring Scripting Security Clearance SIEM SMTP SOC Splunk SQL SSCP Threat detection Windows
Perks/benefits: Career development Health care Insurance Team events Wellness