CACI International ArcSight System Administrator in Chantilly, Virginia

Job Description

What You’ll Get to Do:

CACI is currently looking for outstanding IT candidates to join our TSA IT Management, Performance Analysis, and Collaborative Technologies (IMPACT) team in the National Capital Region (NCR) and throughout the United States. CACI will provide a variety of IT services through IMPACT including cyber security, identity and access management, risk management, cloud integration and engineering, field support services, service desk, application deployment and optimization, and operations center support services. CACI will support TSA in both classified and unclassified IT operational environments increasing availability and security for a variety of applications and systems. IMPACT services will integrate with the broader DHS mission and enhance existing Department-wide IT capabilities.

More About the Role:

  • The ArcSight Administrator will perform standard O&M activities for the ArcSight Security Information and Event Management (SIEM) infrastructure supporting the cyber security monitoring and response methodology in accordance with TSA infrastructure program requirements

  • Operate and tune ArcSight

  • Use SIEM tools to monitor and analyze network performance and Cyber Security incidents and reports to detect vulnerabilities and anomalies or problems or issues.

  • Use ArcSight Event Security Manager (ESM) to elevate threat items to incident responders.

  • Develop ESM rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining.

  • Perform analysis of current configuration and proposed configurations to ensure compatibility within the overall system;

  • Analyze threat information gathered from logs, Intrusion Detection Systems, intelligence reports, vendor sites, and a variety of other sources.

  • Research, plan, install, configure, troubleshoot, maintain, and back up all components in the ArcSight Enterprise Log Management (ELM) architecture.

  • Apply knowledge of ArcSight ESM expertise to conceptualize, design, and build secure technical solutions, including operationally viable and efficient applications, systems, architectures, and infrastructure.

  • Direct on the design and innovative integration of Cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture while reducing manpower requirements

  • Troubleshoot and develop solutions for anomalies both remotely and locally for ArcSight Logging solutions.

You’ll Bring These Qualifications:

  • Experience with the integration and sustainment of the ArcSight Connector Appliance, Logger components, ArcSight Management Center, and ArcSight ESM.

  • Knowledge of administration for the ArcSight ESM and backend database infrastructure related to upgrades and daily maintenance.

  • Ability to obtain a DOD Security Clearance

  • Ability to obtain a DHS Entrance on Duty (EOD)

  • BA/BS or equivalent experience and minimum 5 years related work experience

  • Detail oriented

  • Flexible – The environment is highly dynamic. You will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness

  • Team Player – This role is part of a much larger team

These Qualifications Would be Nice to Have:

  • Relevant DHS focused experience

What We Can Offer You:

  • We’ve been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

  • For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

TSAHP

Job Location

US-Chantilly-VA-VIRGINIA SUBURBAN

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.