user avatar

Cyber Threat Analyst(Intermediate)

Cherokee Federal

Posted today

Job Requirements

Remote
Public Trust Polygraph Unspecified
Career Level not specified
$107,000 - $115,000

Job Description

Cyber Threat Analyst (Intermediate)

This position requires an active Public Trust clearance or the ability to obtain a Public Trust clearance to be considered.

Cherokee Nation System Solutions, LLC is seeking a knowledgeable Security Analyst, Journeyman to join our cybersecurity team and support the organization's efforts to protect data and networks from unauthorized access. The Security Analyst will provide technical expertise in information security standards, monitor network activity for potential threats, and perform in-depth security event analysis. This role requires advanced knowledge of network protocols, firewalls, disaster recovery operations, and security best practices. The ideal candidate will be proactive in identifying threats and solving complex technical issues to enhance the organization's overall security posture.

Compensation & Benefits:

Estimated Starting Salary Range for Cyber Threat Analyst (Intermediate) : $107K-$115K

Pay commensurate with experience.

Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice.

Cyber Threat Analyst (Intermediate) Responsibilities Include:

Incident Detection & Response

  • Monitor, analyze, and triage security alerts from multiple sources including SIEM, EDR/XDR, and network monitoring tools
  • Perform in-depth investigations of security incidents, including malware, phishing, lateral movement, and data exfiltration
  • Lead incident response activities and recommend containment, eradication, and recovery actions
  • Create incident reports documenting incident timelines, root cause analysis, and remediation recommendations


Endpoint & Network Security Analysis

  • Analyze endpoint telemetry to identify suspicious behavior, persistence mechanisms, and exploitation techniques
  • Investigate network traffic (e.g., DNS, HTTP(S), NetFlow, PCAP) for indicators of compromise (IOCs) and attacker activity
  • Correlate endpoint and network data to identify threats and attack patterns


Cloud Security (AWS & Azure)

  • Monitor and investigate security events in AWS and Azure environments
  • Analyze CloudTrail, VPC flow, Azure Activity, and Azure AD/Entra ID logs to identify suspicious cloud activity
  • Support cloud incident response and recommend security improvements


EDR and SIEM Detection & Analysis

  • Utilize Splunk for log analysis, correlation searches, and dashboard creation
  • Leverage Microsoft Defender XDR and Trellix Endpoint Security (HX) for threat hunting, alert triage, and response actions
  • Develop and tune detection rules to improve alert fidelity and reduce false positives
  • Create and maintain runbooks and standard operating procedures (SOPs)


Threat Hunting & Intelligence

  • Conduct proactive threat hunting across endpoint, network, and cloud environments
  • Integrate and apply threat intelligence to enhance detection and response capabilities
  • Identify gaps in visibility and recommend improvements


Collaboration & Mentorship

  • Act as escalation point for Tier 1 analysts
  • Provide guidance and training to junior analysts
  • Collaborate with to facilitate incident response and improve security posture


Cyber Threat Analyst (Intermediate) Experience, Education, Skills, Abilities requested:

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field is preferred.
  • Minimum 3-5 years of experience in security analysis, with a strong understanding of network protocols, traffic analysis, endpoint forensics and artifacts.
  • Strong experience with Splunk (SPL, dashboards, correlation rules)
  • correlation)
  • Experience analyzing:
  • Endpoint telemetry (EDR tools, host-based investigations)
  • Network traffic (packet analysis, NetFlow, IDS/IPS alerts)
  • Cloud logs (AWS and Azure)
  • Familiarity with AWS (e.g., CloudTrail, GuardDuty , VPC logs)
  • Familiarity with Microsoft Azure (e.g., Azure AD/Entra ID, Defender for Cloud)
  • Experience with Microsoft Defender XDR (endpoint, identity, email, and cloud)
  • Solid understanding of:
  • MITRE ATT&CK framework
  • Common attack Tactics, Techniques, and Procedures (TTPs)
  • Relevant certifications:
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Forensic Analyst (GCFE)
  • CompTIA CySA +
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • Splunk Core Certified Power User
  • Splunk Certified Cybersecurity Defense Analyst
  • Preferred Skills:
  • Experience with SIEM tools and network monitoring systems.
  • Strong analytical and problem-solving skills with the ability to respond to complex security incidents.
  • Scripting or automation skills (Python, PowerShell, Bash)
  • Experience with SOAR platforms and automated response workflows
  • Knowledge of digital forensics and malware analysis (basic to intermediate)
  • Excellent communication skills, with the ability to clearly explain security issues and recommendations to technical and non-technical stakeholders.
  • Must pass pre-employment qualifications of Cherokee Federal


Company Information:

Cherokee Nation System Solutions (CNSS) is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart. To learn more about CNSS , visit cherokee-federal.com.

#CherokeeFederal #LI-SM2 #AppC

Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Keywords

  • Security Analyst


  • Network Security


  • Threat Detection


  • SIEM Tools


  • Incident Response
  • Similar Job Titles


  • Cybersecurity Analyst


  • Network Security Analyst


  • Information Security Specialist


  • Threat Detection Specialist


  • Incident Response Analyst


    • Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

    Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.
    group id: 10215765F

    Who We Are

    job ad image
    Find Cherokee Federal on Social Media
    FacebookFacebookXXother imageOther
    Network Employers
    user avatar
    About Us
    At Cherokee Federal, we’re always looking for top talent who share our values and who believe in making a difference. We manage nearly 1,000 federal projects of all sizes, from aerospace manufacturing and health sciences to technological innovations and consulting services.

    Cherokee Federal has a team of 3,000+ employees with the technical skills and entrepreneurial drive focused on building next-generation technologies, solving complex challenges and serving more than 60 federal agencies globally.

    We offer a comprehensive benefits package that reflects the importance of the services we provide our federal customers, including competitive salary, retirement, health and wellness and more. Join our team and make an immediate impact!
    See Cherokee Federal profile
    job ad2 image

    Cherokee Federal Jobs

    Job Category
    IT - Security
    Clearance Level
    Public Trust