Regional Cyber Analyst

THIS POSITION IS REQUIRES THE PARTICIPANT TO BE IN EITHER PHILADELPHIA, PA OR IN AN EASTERN TIME ZONE DHS FACILITY! A member of the Cybersecurity and Infrastructure Security Agency’s Region 3 team supports CISAs efforts to enhance the security, resiliency, and reliability of the Nation’s cyber and physical infrastructure. Students will learn the centralized cybersecurity and infrastructure protection programs that support a diverse mission and workforce that spans CISA Region 3 (PA, DE, MD, DC, VA, WV).

ABOUT THE JOB

Data Aggregation and Analysis: Aggregate and analyze cybersecurity assessment data (e.g., Palo Alto Xpanse / Cortex, Vulnerability Scanning, RVAs, CPG metrics) and ROI/feedback data. Identify trends and patterns in cybersecurity incidents, vulnerabilities, and threat actor activities Recommend tactics to mitigate risks by aligning data insights with critical infrastructure protection goals. Conduct in-depth research and analysis and risk assessments of critical infrastructure information technology (IT) and operational technology (OT) systems to identify threats, vulnerabilities, and consequences. Provides all-source analysis on information security issues through high-quality, polished written assessments, briefings, and engagements to understand cybersecurity threats, vulnerabilities, consequences to cyber infrastructure. Perform Threat Actor Mapping using MITRE ATT&CK and identify defense evasion tactics and recommend mitigations aligned with CISA Cross Sector Cyber Performance Goals. Visualizations and Reporting: Create dashboards and visualizations using Tableau, PowerBI, and ArcGIS to present cybersecurity insights effectively. Provide the cybersecurity advisor teams with targeted recommendations for outreach based on data analysis. Develop detailed reports to communicate findings to internal and external stakeholders. Quality Assurance of PowerBI Dashboards: Conduct thorough quality assurance reviews of PowerBI dashboards, reports, and datasets to ensure accuracy, relevance, and functionality. Test and optimize dashboards to eliminate unwanted data aggregation and commingling. Extract data from PowerBI dashboards as necessary to generate detailed reports and insights. Assists in identifying and researching various requirements, directives, intelligence databases, and various ancillary sources to gather and disseminate information supporting ongoing or emerging program or project requirements. Coordinates studies and evaluates analytical products, in collaboration with intelligence, law enforcement, and private sector partners. Develops assessment plans and measures of performance/effectiveness. Conducts strategic and operational effectiveness assessments as required for cyber events. Determines whether systems performed as expected and provides input to the determination of operational effectiveness. Performs tasks in coordination with the regional Operations and Outreach Teams. Use ServiceNow and Microsoft Dynamics to track and assign cyber incident and vulnerability notifications conducted by regional cybersecurity advisors to US Critical Infrastructure Organizations. Assists with processing of new requests for regional cybersecurity advisor-delivered services and tracks status through delivery. Coordinates with the Cyber Security Division (CSD) to obtain status on CSD-delivered service requests. Monitor and report on Vulnerability Notification and Administrative Subpoena deadlines and deliverables assigned and executed across the region. Collaboration and Support: Work closely with cybersecurity advisors, regional operations team, and other CISA teams to deliver actionable insights. Support outreach efforts by identifying high-priority targets based on cybersecurity risk data. Assist in strategic planning and operational decision-making to reduce risks to critical infrastructure.

RESPONSIBILITIES

• Aggregate and analyze cybersecurity assessment data and ROI/feedback data.
• Conduct in-depth research and analysis and risk assessments of critical IT and OT systems.
• Create dashboards and visualizations using Tableau, PowerBI, and ArcGIS.
• Conduct thorough quality assurance reviews of PowerBI dashboards, reports, and datasets.
• Use ServiceNow and Microsoft Dynamics to track and assign cyber incident and vulnerability notifications.

QUALIFICATIONS

• Secret Clearance.
• Minimum 1 year experience in fields related to IT and Cybersecurity.
• Familiar with ServiceNow, SharePoint, O365 Suite, Dynamics.
• Knowledge of cybersecurity terminology, concepts and tools such as CVEs, Risk Mitigation Techniques, Cyber Incident Management.
• Experience with Data Analysis and Visualization tools such as PowerBI, Excel, Python, R, Tableau, ArcGIS, ESRI and DAX.

ADDITIONAL ELIGIBILITY

THIS POSITION IS REQUIRES THE PARTICIPANT TO BE IN EITHER PHILADELPHIA, PA OR IN AN EASTERN TIME ZONE DHS FACILITY! Prerequisites: Secret Clearance. Minimum 1 year experience in fields related to IT and Cybersecurity. Demonstrated Attention to Detail, Customer Service, Oral Communication, Problem solving abilities. Ability to effectively document processes, procedures, and external reference documentation. Familiar with knowledge management tools (including but not limited to ServiceNow, SharePoint, O365 Suite, Dynamics). Knowledge of cybersecurity terminology, concepts and tools such as Common Vulnerabilities and Exposures (CVEs), Risk Mitigation Techniques, Cyber Incident Management, Attack Surface Management, Shodan, Palo Alto/Cortex Xpanse. Experience with Data Analysis and Visualization tools such as: PowerBI, Excel, Python, R, Tableau, ArcGIS, ESRI and Data Analysis Expressions (DAX). Enjoys interacting across groups (internal stakeholder interaction) to come up with effective solutions, performs solution testing, and training.

OTHER

TO APPLY: Tailor a resume outlining your experience with the Eligibility Factors and Jobs Description. Title the email "Region 3 Cyber Analyst Skillbridge Opportunity." Address the email to jason.schaum@mail.cisa.dhs.gov. Include your separation date AND dates of availability (Start/Finish) in the body of the email.