CIS (Center for Internet Security) is the trusted guide to confidence in the connected world. CIS collaborates with the global security community to lead both government and private-sector entities to security solutions and resources. CIS is an independent, not-for-profit organization.
The primary purpose of this Network Threat Detection Analyst position is to be a subject matter expert in network detection and threat analysis while working as a member of the CIS Security Operations Center (SOC) to help respond to cyber incidents impacting State, Local, Tribal and Territorial (SLTT) governments in conjunction with CISA’s Cybersecurity Division (CSD) teams. This position is employed by the Center for Internet Security, and will be located with the Cybersecurity and Infrastructure Security Agency (CISA) in Arlington, VA. Reporting to the LNO Manager, the Threat Detection Analyst will partner with CISA’s network detection team and will work to promote the CIS mission to expand and normalize information-sharing initiatives within CISA’s CSD.
Perform and communicate analysis of NetFlow data, Packet Capture (PCAP) data, Suricata and Snort alerts, Passive DNS data, Host-Based Endpoint Detection and Response (EDR) data, Malicious Domain Blocking data, and other shared data.
It's a Plus if You Have:
*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.
**Factors that may cause a negative Fitness Review decision include:
At CIS, we are committed to providing an inclusive environment in which the diverse backgrounds, experiences, and views of our employees, members, and customers are valued and respected. It is through this commitment that we are able to work together towards our common mission: to make the connected world a safer place.