Title

Cyber Incident Analyst - 2005048 

EOE Statement: Carnegie Mellon University - Software Engineering Institute considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.
 
Description

Position Summary: The cyber incident analyst will extract cyber security incident data from large institutions to support cyber security research programs. The analyst will independently and proactively review and interpret incident data, identify additional data sources, and liaise with partner organizations' incident response personnel to support research requirements. A successful candidate will be able to interact with both technical and nontechnical staff and customers.  The position may require traveling 20-60% of the time.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in a relevant discipline. Recent graduates are encouraged to apply.

Experience/Skills/Abilities: The successful candidate will possess:

  • Internship/co-op level experience analyzing network traffic and IDS events for malicious intent
  • Knowledge of Cyber Threat Intelligence principles, including the ability to analyze threat campaign(s) techniques, lateral movements and indicators of compromise
  • Understanding of networking essentials including data flows, architecture, protocols, and traffic analysis
  • Working proficiency with IDS, IPS, firewall, DDoS mitigation, UTM, log management, and other devices
  • Understanding of exploits, vulnerabilities, network attacks and malware
  • Familiarity with SIEM-based log monitoring technologies and tools (e.g., Splunk ES, McAfee ESM) and the ability to develop content, such as scripts and use cases for SIEM queries
  • Ability to develop technical solutions to complex problems independently and creatively
  • Exemplary written communication

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Experience/Skills/Abilities: The successful candidate will possess:

  • Intermediate programming ability for data analysis including Python or R
  • Ability to quickly learn new technology and concepts
  • Prior operational experience in a Security Operations Center and/or Computer Emergency Response Team (CERT/CIRT)
  • Knowledge of adversarial activities such as intrusion set tactics, techniques, and procedures (TTP)
  • Experience with ticketing systems for incident response (e.g., BMC Remedy, ServiceNow, RSA Archer)
  • Ability to identify cyber threats, threat vectors, threat actors, and threat trends
  • Previous experience providing detection and response to security events and incidents

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 
Job Categories: Cyber Security

This position is currently accepting applications.
