Center for Internet Security, Inc.

Cyber Network Threat Detection Analyst (IT Security)

Job Locations US-VA-Arlington
Cybersecurity Operations
Regular Full-Time


CIS (Center for Internet Security) is the trusted guide to confidence in the connected world. CIS collaborates with the global security community to lead both government and private-sector entities to security solutions and resources. CIS is an independent, not-for-profit organization.


The primary purpose of this Network Threat Detection Analyst position is to be a subject matter expert in network detection and threat analysis while working as a member of the CIS Security Operations Center (SOC) to help respond to cyber incidents impacting State, Local, Tribal and Territorial (SLTT) governments in conjunction with CISA’s Cybersecurity Division (CSD) teams. This position is employed by the Center for Internet Security, and will be located with the Cybersecurity and Infrastructure Security Agency (CISA) in Arlington, VA. Reporting to the LNO Manager, the Threat Detection Analyst will partner with CISA’s network detection team and will work to promote the CIS mission to expand and normalize information-sharing initiatives within CISA’s CSD.

What You'll Do

  • Provide comprehensive review of security events affecting SLTT governments through methods including network and host-based analysis of security log data and threat and vulnerability analysis
  • Perform and communicate analysis of Netflow data, Packet Capture (PCAP) data, Suricata and Snort alerts, Passive DNS data, Host-Based Endpoint Detection and Response (EDR) data, Malicious Domain Blocking data, and other shared data
  • Review information from investigations and coordinate with fellow analysts to document information security issues and emerging trends
  • Liaise between CISA and Center for Internet Security to ensure a joint posture through shared threat intelligence
  • Provide Incident Response (IR) support when analysis confirms an actionable incident
  • Other tasks and responsibilities as assigned

What You'll Need

  • Bachelor's degree in Cybersecurity, Digital Forensics, Computer Science, or a related field*
  • 3+ years’ experience as a cyber threat analyst, SOC analyst, or similar role
  • Knowledge of TCP/IP Protocols, network analysis, and network/security applications
  • Advanced experience in one or more of the following areas:
    • Incident response protocols, processes, and techniques
    • Network and host-based security event analysis
    • System and application security threats and vulnerabilities
    • Adversarial tactics, techniques, and procedures
    • Various host and network-based security controls
  • Strong time management, communication, attention to detail, and professional and interpersonal skills
  • Working knowledge of databases and database querying languages
  • Must have a Top Secret Security Clearance and be eligible to be granted SCI Suitability
  • The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions**
  • Must be authorized to work in the United States

It's a Plus if You Have:

  • Advanced experience in writing and deploying signatures for network defense devices (Suricata, Snort, etc.)
  • Experience preparing and delivering technical presentations and reports
  • Experience in handling Advanced Persistent Threat (APT) related security incidents
  • Certifications in related areas (GREM, GCIA, GPEN, GCIH, Network+, Security+, etc.)

*Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.


**Factors that may cause a negative Fitness Review decision include:

  • Criminal Conduct
  • Dishonest Conduct
  • Employment Misconduct
  • Alcohol Abuse
  • Drug Use (illegal drug use or use of a legal drug in a manner that deviates from approved medical direction). Additionally, illegal drug use includes the use of drugs that are illegal for federal purposes despite being legal in select states and countries, such as marijuana.
  • False Statements
  • Financial Issues
  • Have not resided in the US for three (3) of the past five (5) years

At CIS, we are committed to providing an inclusive environment in which the diverse backgrounds, experiences, and views of our employees, members, and customers are valued and respected. It is through this commitment that we are able to work together towards our common mission: to make the connected world a safer place.

