
Cyber Incident Analyst - 2005032 

EOE Statement: Carnegie Mellon University - Software Engineering Institute considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.

Position Summary: The cyber incident analyst will extract cyber security incident data from large institutions to support cyber security research programs. The analyst will independently and proactively review and interpret incident data, identify additional data sources, and liaise with partner organizations' incident response personnel to support research requirements. A successful candidate will be able to interact with both technical and nontechnical staff and customers. The position may require traveling 20-60% of the time.

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in a relevant discipline with eight (8) years of experience, or a MS degree in a relevant discipline with five (5) years of experience.

Experience/Skills/Abilities: The successful candidate will possess:

  • Previous experience analyzing network traffic and IDS events for malicious intent.
  • Strong knowledge of Cyber Threat Intelligence principles, including the ability to analyze threat campaign techniques, lateral movement, and indicators of compromise.
  • Understanding of networking essentials including data flows, architecture, protocols, and traffic analysis.
  • Working proficiency with IDS, IPS, firewall, DDoS mitigation, UTM, log management, and other devices.
  • Previous experience in research and analysis of a wide variety of host-based malware and Anti-Virus tools.
  • Understanding of exploits, vulnerabilities, network attacks, and malware.
  • Specific experience with SIEM-based log monitoring technologies and tools (e.g., Splunk ES, McAfee ESM) and the ability to develop content, such as scripts and use cases for SIEM queries.
  • Ability to develop technical solutions to complex problems independently and creatively.
  • Previous experience providing detection and response to security events and incidents.
  • Exemplary written communication.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

Preferred Qualifications and Requirements:

Experience/Skills/Abilities: The successful candidate will possess:

  • Intermediate programming ability for data analysis, including Python or R.
  • Ability to quickly learn new technology and concepts.
  • Prior operational experience in a Security Operations Center and/or Computer Emergency Response Team (CERT/CIRT).
  • Knowledge of adversarial activities such as intrusion set tactics, techniques, and procedures (TTP).
  • Experience with ticketing systems for incident response (e.g., BMC Remedy, ServiceNow, RSA Archer).
  • Ability to identify cyber threats, threat vectors, threat actors, and threat trends.

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran


Job Categories: Cyber Security

This position is currently not accepting applications.
