Cyber Incident Analyst

Full Time
Pittsburgh, PA
Areas of Interest: Incident Response

Carnegie Mellon University - Software Engineering Institute considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.

Position Summary:

The cyber incident analyst will extract cyber security incident data from large institutions to support cyber security research programs. The analyst will independently and proactively review and interpret incident data, identify additional data sources, and liaise with partner organizations' incident response personnel to support research requirements. A successful candidate will be able to interact with both technical and nontechnical staff and customers. The position may require traveling 20-60% of the time.

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in a relevant discipline with eight (8) years of experience, or an MS degree in a relevant discipline with five (5) years of experience.

Experience/Skills/Abilities: The successful candidate will possess:

  • Previous experience analyzing network traffic and IDS events for malicious intent.
  • Strong knowledge of Cyber Threat Intelligence principles, including the ability to analyze threat campaign(s) techniques, lateral movements and indicators of compromise
  • Understanding of networking essentials including data flows, architecture, protocols, and traffic analysis
  • Working proficiency with IDS, IPS, firewall, DDoS mitigation, UTM, log management, and other devices
  • Previous experience in research and analysis of a wide variety of host based malware and Anti-Virus tools
  • Understanding of exploits, vulnerabilities, network attacks and malware
  • Specific experience with SIEM-based log monitoring technologies and tools (e.g., Splunk ES, McAfee ESM) and the ability to develop content, such as scripts and use cases for SIEM queries
  • Ability to develop technical solutions to complex problems independently and creatively
  • Previous experience providing detection and response to security events and incidents
  • Exemplary written communication

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

Preferred Qualifications and Requirements:

Experience/Skills/Abilities: The successful candidate will possess:

  • Intermediate programming ability for data analysis including Python or R
  • Ability to quickly learn new technology and concepts
  • Prior operational experience in a Security Operations Center and/or Computer Emergency Response Team (CERT/CIRT)
  • Knowledge of adversarial activities such as intrusion set tactics, techniques, and procedures (TTP)
  • Experience with ticketing systems for incident response (e.g., BMC Remedy, ServiceNow, RSA Archer)
  • Ability to identify cyber threats, threat vectors, threat actors, and threat trends

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.



Software Engineering Institute

Leading and advancing software and cybersecurity to solve the nation's toughest problems. 

The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve their software engineering capabilities and to develop or acquire the right software, defect free, within budget and on time, every time. To accomplish this, the SEI 

- performs research to explore promising solutions to software engineering problems 

- identifies and codifies technological and methodological solutions 

- tests and refines the solutions through pilot programs that help industry and government solve their problems 

- widely disseminates proven solutions through training, licensing, and publication of best practices

Pervasive Mobile Computing, Security & Survivability, Measurement & Analysis, Cyber-Physical Systems, Digital Intelligence & Forensics, Acquisition Support, Software Architecture, Ultra-Large-Scale Systems, Risk Management, Process & Performance Improvement
Company Industry: Computer Software
Company Type: Non Profit
Company Size: 501-1000