CACI International Cyber Data Analyst - Threat Hunting in Chantilly, Virginia
Cyber Data Analyst - Threat Hunting
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI with Polygraph
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
What You’ll Get to Do:
If chosen, YOU will get to work with an agile, fast-paced team focused on defending our client’s global networks through threat hunting and tactical analysis of ongoing attacks. In this role, you will be challenged to dig into various platforms to discover data anomalies. This person should have a wide range of knowledge and skills, such as computer forensics/mobile device forensics, data recovery, reverse engineering, intrusion analysis and methodologies, intelligence analysis, and vulnerability assessments. If chosen, YOU will have the opportunity to work on highly visible projects that directly make an impact on the Nation’s mission. YOU will be a motivated, passionate leader with the ability to drive our long-term strategic goals with daily tactical objectives. YOU will be a critical component in taking complex problems and delivering solutions that are simple yet elegant.
You’ll Bring These Qualifications:
Must have an active TS/SCI with Poly
Bachelor’s degree in a related scientific or technical discipline
Deep understanding of computer networks and network communications (Layer 3 / Layer 4: IP, TCP, UDP)
In-depth knowledge of CONOPS development and APT tactics, techniques, procedures and tools
Data Science background, with natural curiosity for technical problem solving
Deep expertise in structured data analysis
Demonstrated experience in ETL/data engineering and data ingest pipelines
Experience writing code to conduct and/or automate analysis of large and/or complex data sets; proficiency in Python or ability to quickly learn
Ability to develop threat detection processes based on analytical learnings
Willingness to solve complex challenges to understand how cybersecurity defenders determine malicious activity
Strong usage and analysis of netflow and PCAP traffic, to include understanding and finding anomalous activity
Ability to parse large amounts of netflow or PCAP data, with a focus on transforming results for use in larger systems
Research the latest cybersecurity solutions, and develop rapid prototypes against netflow and PCAP data
Ability to effectively express complex ideas and insights verbally and in writing to a variety of audiences
Ability to remain open-minded and change opinions on the basis of new information and requirements
Previous experience and/or familiarity with client infrastructure and processes
Previous experience with IC specific exploitation tools or capabilities
Familiarity with administering and/or using Apache, Spark, Hadoop, Solr, Elastic, or Cloudera software
Familiarity with the state of the defensive cybersecurity industry including: security operations, threat hunting, malware analysis, incident response, and cyber threat analysis.
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.
As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.