What We Do:
Our team, within the Cyber Risk and Resilience Directorate,
researches, designs, and develops software tools for the
collection, storage, and analysis of network data to provide
security insights. We provide both the core network tools to
facilitate this capability, and prototypes of new methods to
present the data most effectively. We work with data at a scale
generally not experienced by most organizations, handling record
counts in the tens of billions per day.
Developing security insights at this scale requires creativity,
efficiency, and contemporary knowledge of modern computing
platforms. In some cases, the computing has outpaced the methods,
and it is incumbent upon us to generate novel views of both the
entire data collection, and of focused datasets tailored to
specific analyst needs.
Our network situational awareness security tools are published
As an associate security data analyst on the Products team, you will
research network and host-based security threats to develop methods
of detection and tailor these for partner environments. Transition
of this research will take the form of developing detection
capabilities, providing new requirements and feature requests for
our NetSA Security tool suite, writing publications, and providing
customer-specific training. The primary network data source for the
team is netflow combined with application layer metadata, with an
expanding focus on host-based (e.g., EDR) and cloud
You will be responsible for gaining insights from data to
facilitate detections, working with partners to help them better
understand their data, and researching new data sources to expand
the expertise of the team.
- BS with 3 years of experience or MS with 1 year of experience,
in Computer Science or a related field.
- Movement between buildings within the SEI and CMU community
- Willingness to travel to various locations to support the SEI’s
overall mission. This may include national travel to sponsor sites,
conferences, and offsite meetings on occasion.
- You will be subject to a background check and will need to
obtain and maintain a Department of Defense security
Knowledge, Skills and Abilities:
- Ability to translate threat intelligence to avenues for
research, prototyping, and curation of detection capabilities.
- Strong knowledge of network fundamentals, common application
layer protocols, and network-based telemetry.
- Strong proficiency in at least one scripting or programming
language such as Python, Go, Ruby, C, Java, or Scala.
- Strong problem-solving skills, detailed research, and ability
to document and communicate ideas and findings to diverse
- Ability to present technical topics to audiences from senior
leadership to technical experts.
- Hands-on experience in a security research, threat hunting,
detection engineering, and/or SOC Analyst role.
- Experience analyzing network telemetry such as netflow,
application metadata, or PCAP from network sensors such as YAF,
Zeek, or Suricata; or experience analyzing host-based telemetry
from one or more commercial EDR products.
- Strong domain knowledge in security operations and related
- Awareness of the threat landscape and experience researching
and investigating threats.
- Familiarity with services available in AWS, Azure, or Google
Cloud and experience with deploying resources in cloud
Job Function Breakdown:
75% - Threat and detection research
15% - Automation of analysis and detections
10% - Transition of research to partners, the public, or for
internal collaboration and integration
Our benefits philosophy encompasses three driving priorities:
choice, control, and well-being. Through Carnegie Mellon
University, the SEI offers a wide range of competitive employee
benefits, including comprehensive health insurance, tuition
benefits, generous time off, and a robust retirement savings policy,
to name a few.
To learn more, visit these resources:
- Why Carnegie Mellon, to learn more about becoming
part of an institution inspiring innovations that change the
- Benefits at Glance, to get a listing of all employee
- Staff Member Benefits, to get detailed information
about benefits for employees who are not faculty.
Why work here?
- Join a world-class organization that has significant impact
with software in government.
- Work with cutting edge technologies and experts to solve tough
problems for the government and the nation.
- Publish your research, attend or present at prestigious events,
and enjoy annual professional development opportunities.
- Get an 8% monthly contribution for your retirement plan without
having to contribute to it yourself.
- Get tuition benefits to attend classes at Carnegie Mellon
University for you and your dependent children.
- Get access to university resources, including campus fitness
facilities, mindfulness programs, childcare, free transportation on
the Port Authority Transit System, and more.
- Enjoy paid parental and military leave.
- Qualify for relocation assistance.
- Work in the heart of Oakland, a few blocks from Carnegie
Mellon University and the University of Pittsburgh.
Arlington, VA, Pittsburgh, PA
Staff – Regular
Full time/Part time
Salary More Information:
- Carnegie Mellon University is an Equal Opportunity
- Statement of Assurance