Cyber Threat Analyst(Intermediate)

Cyber Threat Analyst(Intermediate) Cherokee Federal 401(k) United States, Oklahoma, Tulsa 2 West 2nd Street (Show on map) Apr 10, 2026 Cyber Threat Analyst (Intermediate) This position requires an active Public Trust clearance or the ability to obtain a Public Trust clearance to be considered. Cherokee Nation System Solutions, LLC is seeking a knowledgeable Security Analyst, Journeyman to join our cybersecurity team and support the organization's efforts to protect data and networks from unauthorized access. The Security Analyst will provide technical expertise in information security standards, monitor network activity for potential threats, and perform in-depth security event analysis. This role requires advanced knowledge of network protocols, firewalls, disaster recovery operations, and security best practices. The ideal candidate will be proactive in identifying threats and solving complex technical issues to enhance the organization's overall security posture.

Compensation & Benefits:

Estimated Starting Salary Range for Cyber Threat Analyst (Intermediate) : $107K-$115K Pay commensurate with experience. Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice. Cyber Threat Analyst (Intermediate)

Responsibilities Include:

Incident Detection & Response Monitor, analyze, and triage security alerts from multiple sources including SIEM, EDR/XDR, and network monitoring tools Perform in-depth investigations of security incidents, including malware, phishing, lateral movement, and data exfiltration Lead incident response activities and recommend containment, eradication, and recovery actions Create incident reports documenting incident timelines, root cause analysis, and remediation recommendations Endpoint & Network Security Analysis Analyze endpoint telemetry to identify suspicious behavior, persistence mechanisms, and exploitation techniques Investigate network traffic (e.g., DNS, HTTP(S), NetFlow, PCAP) for indicators of compromise (IOCs) and attacker activity Correlate endpoint and network data to identify threats and attack patterns Cloud Security (AWS & Azure) Monitor and investigate security events in AWS and Azure environments Analyze CloudTrail, VPC flow, Azure Activity, and Azure AD/Entra ID logs to identify suspicious cloud activity Support cloud incident response and recommend security improvements EDR and SIEM Detection & Analysis Utilize Splunk for log analysis, correlation searches, and dashboard creation Leverage Microsoft Defender XDR and Trellix Endpoint Security (HX) for threat hunting, alert triage, and response actions Develop and tune detection rules to improve alert fidelity and reduce false positives Create and maintain runbooks and standard operating procedures (SOPs) Threat Hunting & Intelligence Conduct proactive threat hunting across endpoint, network, and cloud environments Integrate and apply threat intelligence to enhance detection and response capabilities Identify gaps in visibility and recommend improvements Collaboration & Mentorship Act as escalation point for Tier 1 analysts Provide guidance and training to junior analysts Collaborate with to facilitate incident response and improve security posture Cyber Threat Analyst (Intermediate) Experience, Education, Skills, Abilities requested: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field is preferred. Minimum 3-5 years of experience in security analysis, with a strong understanding of network protocols, traffic analysis, endpoint forensics and artifacts. Strong experience with Splunk (SPL, dashboards, correlation rules) correlation) Experience analyzing: Endpoint telemetry (EDR tools, host-based investigations) Network traffic (packet analysis, NetFlow, IDS/IPS alerts) Cloud logs (AWS and Azure) Familiarity with AWS (e.g., CloudTrail, GuardDuty, VPC logs) Familiarity with Microsoft Azure (e.g., Azure AD/Entra ID, Defender for Cloud) Experience with Microsoft Defender XDR (endpoint, identity, email, and cloud) Solid understanding of:

MITRE ATT&CK

framework Common attack Tactics, Techniques, and Procedures (TTPs) Relevant certifications: GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) GIAC Certified Forensic Analyst (GCFE) CompTIA CySA+

Microsoft Certified:

Security Operations Analyst Associate (SC-200)

Splunk Core Certified Power User Splunk Certified Cybersecurity Defense Analyst Preferred Skills:

Experience with SIEM tools and network monitoring systems. Strong analytical and problem-solving skills with the ability to respond to complex security incidents. Scripting or automation skills (Python, PowerShell, Bash) Experience with SOAR platforms and automated response workflows Knowledge of digital forensics and malware analysis (basic to intermediate) Excellent communication skills, with the ability to clearly explain security issues and recommendations to technical and non-technical stakeholders. Must pass pre-employment qualifications of

Cherokee Federal Company Information:

Cherokee Nation System Solutions (CNSS) is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart. To learn more about CNSS , visit cherokee-federal.com. #CherokeeFederal #LI-SM2 #AppC Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Keywords Security Analyst Network Security Threat Detection SIEM Tools Incident Response Similar Job Titles Cybersecurity Analyst Network Security Analyst Information Security Specialist Threat Detection Specialist Incident Response Analyst Legal Disclaimer:

Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request. Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.