Security Analyst (Job ID: 2023-3219)

Information Technology Services
Job Function
Information Technology
Posted Date
4 months ago (5/18/2023 4:49 PM)
Job ID
commensurate with experience


Join one of the most influential, most quoted and most trusted think tanks!


The Brookings Institution is a nonprofit public policy organization based in Washington, DC. Our mission is to conduct in-depth research that leads to new ideas for solving problems facing society at the local, national and global level.

We bring together leading experts in government and academia from all over the world, rooted in open-minded inquiry and representing diverse points of view, who provide the highest quality research, policy recommendations, and analysis. Research topics cover a full range of public policy issues in economics, foreign policy, development, governance and metropolitan policy.

With fair and transparent business practices, clear communication, mutual respect, and a collaborative atmosphere that offers both professional and personal development opportunities, Brookings offers an inclusive and welcoming workplace that values the efforts of all contributors.


Brookings Technology Services provides a variety of services and support to Brookings employees, whether resident or non-resident, including: 

  • Providing support for Brookings-issued hardware, software, and phones 
  • Managing a pool of loaner equipment including laptops, tablets, and mobile phones 
  • Providing and supporting standard office and email software in addition to a variety of useful business tools and software 
  • Setup of user accounts and providing access (in-house and remotely) to documents, software and email 

Position Location: This position is hybrid. Hybrid positions combine regular in-person presence at our Washington, DC office with the option of at least two days of remote work each week.

Vaccine Policy: Brookings requires all staff to submit proof of complete vaccination against COVID-19 to be in Brookings buildings.  

Individuals who (i) have a qualifying medical condition that contraindicates a COVID-19 vaccination, or (ii) object to being vaccinated based on a sincerely held religious belief, may request a reasonable accommodation. Brookings policies on masks and other pandemic mitigation measures will continue to be informed by DC and CDC guidelines.


Ready to contribute to Brookings' success?

The Security Analyst is responsible for performing all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. This position is considered essential and the individual is required to be available during cyber events, including working on-site if the incident requires it. The Brookings Institution remains a target of interest to threat actors, both foreign and domestic, and as such has invested heavily in the tools and skills necessary to stay in front of evolving and persistent threats. The position requires a dedicated, analytical, proactive technologist with strong interpersonal and analytical skills.


Security System Administration, Configuration and Analysis (35%)

  • Monitors and analyzes a broad range of Intrusion Detection Systems to identify security issues for remediation.
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and other information.
  • Ensures security systems are properly functioning and are updated and optimally configured for the environment.
  • Implements security systems as threats evolve based on strategic choices made by the organization.
  • Participates in the evaluation of firewall and other infrastructure changes and assists in the assessment of organizational risk.


Security Incident Management (35%)

  • Conducts incident investigations on SIEM tools and escalates as necessary.
  • Performs threat hunting using SIEM and other tools.
  • Processes security-related tickets and escalates as needed.
  • Maintains Security Incident log. Performs Computer Security Incident response activities, records and reports incidents.
  • Communicates alerts regarding intrusions and compromises to the network infrastructure, applications and operating systems.
  • Assists with implementation of counter-measures or mitigating controls.
  • Prepares incident reports.


Audits and Reports (20%)

  • Ensures the integrity and protection of the network, systems, and applications by the technical enforcement of organizational security policies through monitoring of vulnerability scanning devices.
  • Oversees periodic and on-demand system audits and vulnerability assessments, including user accounts, software access, service permissions, phishing, file system and external web integrity scans to determine compliance.


Cyber Engagement, Education, Projects (10%)

  • Engages the Brookings user community, developing cyber education and awareness outreach.
  • Participates in special projects and contributes security considerations to new initiatives.
  • Evaluates new and proposed products and solutions for organizational risk.
  • Maintains current knowledge of relevant technologies.
  • Other duties as assigned.


Ready to make an impact? In this role, you will support Brookings values of collegiality, respect, inclusion, diversity and community, and bring the following qualifications: 


Education/Experience Requirements: 


Bachelor’s Degree in Computer Science, Cyber Security, Information Technology or a related technical discipline preferred, or the equivalent combination of education, professional training or work experience. A minimum of 3 years of relevant experience required; experience can come from a combination of professional work experience, education and undergraduate courses, and/or internships. Experience implementing, administering and maintaining security systems including one or more of the following is required: IDS/IPS, SIEM, PKI, application white listing, proxy servers, malware sandboxes, anti-virus and vulnerability scanning, next-gen firewalls. Must be authorized to work for any employer in the U.S.


Knowledge/Skills Requirements: 


Knowledge of networking, DNS, antivirus, and SIEM systems. Understanding of malware infection methods and command and control structures. Understanding of authentication systems, including multifactor. Knowledge of APIs and scripting a plus. CISSP-ISSAP, ISSEP, CISA and CCSP certifications a plus.


Additional Information: 


What can we offer you? Brookings provides a generous benefit package that is comprehensive and includes both traditional benefits and unique offerings. 


Brookings requires that all applicants submit a cover letter and resume. Please attach your cover letter and resume as one document when you apply. Please note: if you have applied to more than one Brookings job opening you should add a position-specific cover letter as a separate attachment. 


Successful completion of a background investigation is required for employment at Brookings. 


Brookings welcomes and celebrates diversity in all its forms.  We welcome applications that reflect a variety of backgrounds based on ideology, race, ethnicity, religion, gender, sexual orientation, gender identity or expression, disability, veteran status, first generation college goers, and other factors protected by law. Brookings is proud to be an equal-opportunity employer that is committed to promoting a diverse and inclusive workplace. 


