Chantilly, Virginia, USA
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI with Polygraph
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
What You’ll Get to Do:
You will plan and implement security measures to protect our clients' information systems; review and respond to security alerts, scans, and audits; investigate suspicious alerts and logs; tune security log analysis and alert systems; coordinate security incident response; test and maintain the integrity of our security monitoring systems; and report on information systems security status, standards compliance, and deficiencies.
More About the Role:
Conduct advanced threat hunt operations using known adversary tactics, techniques and procedures as well as indicators of attack in order to detect adversaries with persistent access to the enterprise.
Create and add custom signatures to mitigate highly dynamic threats to the enterprise using the latest threat information obtained from multiple sources.
Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs.
Notify the management team of significant changes in the security threat against the government networks in a timely manner and in writing via established reporting methods.
Coordinate with appropriate organizations within the intelligence community regarding possible security incidents.
You’ll Bring These Qualifications:
Must have an active TS/SCI with Poly
Bachelor’s degree in a related scientific or technical discipline
10-15 years of related experience
Core understanding of Layer 2 / Layer 3 networking
Data Science background, with natural curiosity for technical problem solving
Incident response experience
Strong usage and analysis of netflow and PCAP traffic, to include understanding and finding anomalous activity
Ability to parse large amounts of netflow or PCAP data, with a focus on transforming results for use in larger systems
Willingness to solve complex challenges to understand how cybersecurity defenders determine malicious activity
Ability to develop threat detection processes based on analytical learnings
Research the latest cybersecurity solutions, and develop rapid prototypes against netflow and PCAP data
Proficiency with scripting languages (preferably Python), automation for transforming and associating complex data sets
Strong analytic and critical thinking skills, including an ability to think strategically
Ability to effectively express complex ideas and insights verbally and in writing to a variety of audiences
Ability to remain open-minded and change opinions on the basis of new information and requirements
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
JBCAC 279904 2023.07.16