Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Cyber Defense Analyst (DCWF 511)

Monitors cyber defense tools like IDS and logs to analyze network events, identifying and mitigating potential threats to security environments.

Jump to:

Analyze network traffic at packet-level, leveraging IDS/IPS tools and cyber defense methodologies to rapidly identify threats, correlate events, and escalate incidents, ensuring timely mitigation and comprehensive security posture reporting.

What You'll Do

Network Traffic Monitoring

Monitor network traffic using advanced cyber defense tools to detect anomalies, vulnerabilities, and potential intrusions.

Incident Threat Mitigation

Rapidly identify, analyze, and escalate cybersecurity incidents to mitigate threats and minimize operational impact.

Security Posture Assessment

Perform detailed security assessments, trend analyses, and reporting to strengthen organizational cyber defense posture.

Similar Roles

Vulnerability Assessment Analyst (DCWF 541)

DoD 8140: Cybersecurity

Assesses systems and networks to ensure compliance with policies and identify vulnerabilities in support of secure and resilient operations.

Explore learning path

Information Systems Security Developer (DCWF 631)

DoD 8140: Cybersecurity

Designs and evaluates information system security throughout the software lifecycle to ensure confidentiality, integrity, and availability.

Explore learning path

Cyber Defense Infrastructure Support Specialist (DCWF 521)

DoD 8140: Cybersecurity

Deploys, configures, maintains infrastructure software and hardware to support secure and effective IT operations across organizational systems.

Explore learning path

Information Systems Security Manager (DCWF 722)

DoD 8140: Cybersecurity

Oversees program, system, or enclave cybersecurity, ensuring protection from cyber threats and compliance with organizational standards.

Explore learning path

COMSEC Manager (DCWF 723)

DoD 8140: Cybersecurity

Manages organization’s COMSEC resources to ensure secure handling of communications materials as required by national and agency policies.

Explore learning path

Control Systems Security Specialist (DCWF 462)

DoD 8140: Cybersecurity

Oversees cybersecurity configuration and daily security operations of control systems, ensuring mission support and stakeholder coordination.

Explore learning path

Security Architect (DCWF 652)

DoD 8140: Cybersecurity

Designs secure enterprise systems considering environmental constraints and translates them into enforceable security processes and protocols.

Explore learning path

Security Control Assessor (DCWF 612)

DoD 8140: Cybersecurity

Conducts independent assessments of IT system security controls to evaluate their overall effectiveness in protecting mission-critical systems.

Explore learning path

Need more guidance about cyber roles?

There are numerous different roles in cybersecurity and where you fit depends on your interest level. SANS New to Cyber offers courses, certifications, and free resources for anyone interested in getting started in cybersecurity.

Explore New to Cyber