The primary purpose of this Network Threat Detection Analyst position is to be a subject matter expert in network detection and threat analysis while working as a member of the CIS Security Operations Center (SOC) to help respond to cyber incidents impacting State, Local, Tribal and Territorial (SLTT) governments in conjunction with CISA’s Cybersecurity Division (CSD) teams. This position is employed by the Center for Internet Security and will be located with the Cybersecurity and Infrastructure Security Agency (CISA) in Arlington, VA. Reporting to the LNO Manager, the Threat Detection Analyst will partner with CISA’s network detection team and will work to promote the CIS mission to expand and normalize information-sharing initiatives within CISA’s CSD.
Perform and communicate analysis of NetFlow data, Packet Capture (PCAP) data, Suricata and Snort alerts, Passive DNS data, Host-Based Endpoint Detection and Response (EDR) data, Malicious Domain Blocking data, and other shared data.
It's a Plus if You Have:
*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.
**Factors that may cause a negative Fitness Review decision include: