Cyber Security Analyst I, Data Protection Analyst / Splunk ES Developer
Charleston, SC
Minimum Secret Clearance Required (TS Eligible)
As the Insider Threat Team Data Protection Analyst, you will provide daily frontline support: reviewing Data Loss Prevention (DLP) alerts, escalating incidents, and collaborating with the DLP engineering team to refine and optimize policy configurations. This hybrid role blends software development with cybersecurity, supporting mission-critical applications and safeguarding sensitive data across our organization, and requires the ability to create, maintain and sustain Splunk ES data and dashboards.
Position Responsibilities and Duties:
• Monitor, analyze, and respond to data protection events under established procedures
• Support the Insider Threat Response team with incident triage and escalation
• Contribute to policy tuning and optimization efforts
• Generate and maintain data protection metrics via reports and dashboards
• Collaborate with cross-functional teams to gather requirements and deliver scalable solutions using Splunk ES, JavaScript (Node.js/React) and Python
• Configure correlation searches that look for specific events and create 'notable events'
Minimum Qualifications:
• Must be a U.S. Citizen
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or minimum 3 years of equivalent experience
• Active Top Secret Clearance Eligibility
Preferred Qualifications:
• Proficiency in Splunk Processing Language
• Hands-on knowledge of DLP, CASB, Insider Threat Tools, data classification tools
• Experience working in government, DoD, or healthcare environments
• Strong analytical, communication, and documentation skills
• Experience with threat intelligence frameworks inside Splunk Enterprise Security
• Understanding Splunk apps and the purpose of configuration files
Certifications:
• CySA+
What We Do
Adapt Forward specializes in Defensive and Offensive cyber operations. We strive to rewrite the rulebook on how Cyber Defense and Incident Response are done, with a unique blend of offense to validate our defense.







