CACI International Security Analytics Analyst in Arlington, Virginia
Security Analytics Analyst
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: None
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
As a Security Analytics Analyst, your tasks will include analyzing all relevant cyber security event data and other data sources for attack indicators and potential security breaches; producing reports; assisting in coordination during incidents; and coordinating with the O&M team to ensure all security monitoring systems are online, up to date, and fully operational. The position is responsible for engineering new and maintaining current IT tool sets relevant to the environment.
More About the Role:
Responsible for tuning and filtering of events and information, creating custom views and content using all available tools
Identify misuse, malware, or unauthorized activity on monitored networks. Report the activity appropriately as determined by the customer
Lead vulnerability management efforts to remediate vulnerable systems, applications, and configurations
Design, implement, and monitor intrusion detection and prevention systems and other security event data sources
Determine if security events should be escalated to incidents and follow all applicable incident response and reporting processes and procedures
Notify the Customer of significant changes in the security posture of the Customer networks in a timely manner and in writing via established reporting methods.
Maintain system baselines and configuration management items, including security event monitoring "policies"
Produce reports identifying significant or suspicious security events
Establish procedures for handling each security event detected.
You’ll Bring These Qualifications:
Ability to attain DHS EOD
BA + 10 years’ applicable experience, AA + 12 years’ applicable experience, MA + 7 years’ applicable experience, or 16 years’ experience
Experience with implementing STIGs
Experience working with Splunk
Extensive knowledge and/or experience protecting network environments against insider threat
Understanding and use of common vulnerability management tools
Ability to understand the day-to-day operational needs of customers and identify areas for improvement in business processes and proposed solutions.
Experience with software testing.
Experience with JIRA and Confluence.
Experience with ServiceNow.
These Qualifications Would Be Nice to Have:
CompTIA Security+ Certification
ISC2 Certified Information Systems Security Professional (CISSP) certification
Any other Cybersecurity certifications
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.