Cyber Threat Detection Analyst - TS/SCI Required - Arlington, VA

---

Job description

Overview:
The primary purpose of this position is to be a subject matter expert in network detection and threat analysis while working as a member of the CIS Security Operations Center (SOC) to help respond to cyber incidents impacting State, Local, Tribal and Territorial (SLTT) governments in conjunction with CISA's Cybersecurity Division (CSD) teams. This position is employed by the Center for Internet Security, and will be located with the Cybersecurity and Infrastructure Security Agency (CISA) in Arlington, VA, or Pensacola, FL. Reporting to the Cyber Threat Liaison Manager, the Threat Detection Analyst will partner with CISA's network detection team and will work to promote the CIS mission to expand and normalize information-sharing initiatives within CISA's CSD.

The Center for Internet Security (CIS) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit responsible for industry-leading best practices for securing IT systems and data. CIS is also a trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities and election offices.

CIS has an award-winning reputation for investing in its people (click to learn more), as well as . We offer our employees diverse opportunities to expand their impact personally and professionally, in their local communities, and among one another. Core drive our employees at every level of the organization, empowering them to be leaders in everything they do.

Salary Range: $82,500 - $144,400 We offer a competitive total rewards package at the Center for Internet Security:Base salary is determined on a number of factors including, but not limited to, education, experience and skills

Health (PPO, EPO, HSA), Dental & Vision Insurance eligibility starting from the first day of hire

$500 wellness card for Health Coverage Participants

401(k) with 4% Company Match, vested from the first day of hire

Flexible Spending Account (FSA) & Dependent Care Account (DCA)

Life Insurance

Bonding Leave

Paid Volunteering Program

Bonus eligibility

Paid Time Off (PTO) inclusive of vacation, personal and sick time

Paid Holidays

Wellness Program

Employee Engagement Activities

Professional Development Opportunities

Tuition Reimbursement

Student Loan PayDown Program

Employee Referral program

Employee Assistance Program

What You'll Do:
Provide comprehensive review of security events affecting SLTT governments through methods including network and host-based analysis of security log data and threat and vulnerability analysis

Review information from investigations and coordinate with fellow analysts to document information security issues and emerging trends

Liaise between CISA and Center for Internet Security to ensure a joint posture through shared threat intelligence

Provide Incident Response (IR) support when analysis confirms actionable incident

Other tasks and responsibilities as assigned

What You'll Need:
Bachelor's degree in Cybersecurity, Digital Forensics, Computer Science or a related field

3+ years' experience as cyber threat analyst, SOC analyst, or similar role

Knowledge of TCP/IP Protocols, network analysis, and network/security applications

Advanced experience in one or more of the following areas:
Incident response protocols, processes, and techniques

Network and host-based security event analysis

System and application security threats and vulnerabilities

Adversarial tactics, techniques, and procedures

Various host and network-based security controls

Strong time management, communication, attention to detail, and professional and interpersonal skills

Working knowledge of databases and database querying languages

Must have a Top Secret Security Clearance and be eligible to be granted SCI Suitability

The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions

It's a Plus if You Have:

Advanced experience in writing and deploying signatures for network defense devices (Suricata, Snort, etc.)

Experience preparing and delivering technical presentations and reports

Experience in handling Advanced Persistent Threat (APT) related security incidents

Certifications in related areas (GREM, GCIA, GPEN, GCIH, Network+, Security+, etc.)

Additional years of relevant experience or a combination of an Associate's degree or equivalent and relevant experience may be substituted for the Bachelor's degree.

Factors that may cause a negative Fitness Review decision include:

Criminal Conduct

Dishonest Conduct

Employment Misconduct

Alcohol Abuse

Drug Use (illegal drug use or use of a legal drug in a manner that deviates from approved medical direction) Additionally, illegal drug use includes the use of drugs that are illegal for federal purposes despite being legal in select states and countries, such as marijuana.)

False Statements

Financial Issues

Have not resided in the US for three (3) of the past five (5) years

At CIS, we are committed to providing an inclusive environment in which the diverse backgrounds, experiences, and views of our employees, members, and customers are valued and respected. It is through this commitment that we are able to work together towards our common mission: to make the connected world a safer place.

<!– job description page –>