Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Network Analyst (DCWF 443)

Analyzes network traffic and packet captures to detect anomalies and intrusions, while building advanced network detection rules and alerts.

Jump to:

Perform deep packet inspection, anomaly detection, and advanced rule creation to proactively identify threats. Leverage network mapping, signature development, and visualization tools to enhance security posture and ensure robust defense against cyber intrusions.

What You'll Do

Network Traffic Analysis

Analyze network traffic patterns, identify anomalies, and dissect packet captures to detect signs of intrusion and malicious activity.

Advanced Threat Detection

Develop advanced detection rules, alerts, and dashboards to proactively visualize threats and vulnerabilities across network infrastructure.

Incident Response Coordination

Coordinate incident response, mitigate intrusions, and collaborate with stakeholders to secure critical network operations and assets.

Similar Roles

Target Analyst Reporter (DCWF 133)

DoD 8140: Cyber Effects

Synthesizes intelligence for reporting, evaluates SIGINT/cyber collection, collaborates with analysts, and maintains databases and customer feedback.

Explore learning path

Cyberspace Capability Developer (DCWF 341)

DoD 8140: Cyber Effects

Provides software and hardware support for cyberspace operations by identifying vulnerabilities and developing cyberspace effect capabilities.

Explore learning path

Digital Network Exploitation Analyst (DCWF 122)

DoD 8140: Cyber Effects

Analyzes intercepted intel to map target networks, assess value, and find exploitation strategies, focusing on comms tech and system implementation.

Explore learning path

Cyberspace Operator (DCWF 322)

DoD 8140: Cyber Effects

Uses tools to conduct navigation, forensics, and recon in support of offensive cyber ops; performs actions on-net when authorized and directed.

Explore learning path

Host Analyst (DCWF 463)

DoD 8140: Cyber Effects

Conducts host system analysis using built-in tools, evaluating services, permissions, and configurations to detect and address system threats.

Explore learning path

Network Technician (DCWF 442)

DoD 8140: Cyber Effects

Supports Cyber Protection Team with infrastructure knowledge, mission scoping, and understanding of enterprise and tactical network systems.

Explore learning path

Exploitation Analyst (DCWF 121)

DoD 8140: Cyber Effects

Collaborates to identify access and collection gaps using cyber resources and techniques to penetrate target networks and support mission operations.

Explore learning path

Cyber Operations Planner (DCWF 332)

DoD 8140: Cyber Effects

Coordinates cyber operations plans, working with analysts and operators to support targeting and synchronization of actions in cyberspace.

Explore learning path

Need more guidance about cyber roles?

There are numerous different roles in cybersecurity and where you fit depends on your interest level. SANS New to Cyber offers courses, certifications, and free resources for anyone interested in getting started in cybersecurity.

Explore New to Cyber