CACI International SOC Support Specialist (Incident Response) in Chantilly, Virginia
What You’ll Get to Do:
CACI is currently looking for outstanding IT candidates to join our TSA IT Management, Performance Analysis, and Collaborative Technologies (IMPACT) team in the National Capital Region (NCR) and throughout the United States. CACI will provide a variety of IT services through IMPACT including cyber security, identity and access management, risk management, cloud integration and engineering, field support services, service desk, application deployment and optimization, and operations center support services. CACI will support TSA in both classified and unclassified IT operational environments increasing availability and security for a variety of applications and systems. IMPACT services will integrate with the broader DHS mission and enhance existing Department-wide IT capabilities.
The successful candidate must be well-versed in security monitoring and response operations, cyber security tools, intrusion detection, and secured networks.
More About the Role:
Responsible for Security monitoring across TSA Infrastructure.
Responsible for executing the cyber security monitoring and response methodology in accordance with TSA infrastructure program requirements
Responsible for implementing and applying technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
Immediate Classified Spill Support, upon notification, to remediate classified spills on any system
Conduct incident response of TSA infrastructure
Provide coordinated response to detected anomalies or incidents
Provide incident response coordination of IDS, security event platforms
Review and collect asset data for investigation support; collect and analyze threat indicators from various sources
Recommend appropriate mitigation activities to minimize downtime, mission impact and restore service
Correlate and analyze precursors to incidents and provide recommendations to mitigate related vulnerabilities and activities
Perform emerging threat analysis
Provide security investigation of incidents; provide security logs, artifacts, data and incident reports
Provide additional details and analysis on cyber incident reports as required to SOC leadership
Review, analyze, and disseminate advisories and orders received
You’ll Bring These Qualifications:
Well-developed understanding of Defensive (and Offensive) Cybersecurity technologies, e.g. Next Generation Firewall (NGFW), Intrusion Prevention System (IPS), Content Filtering devices and proxies (Web and Email), Data Loss Prevention (DLP), Security Intrusion and Event Monitoring (SIEM), etc.
Understands the structure and functionality of COTS applications (e.g., Security Automation & Orchestration platforms, Splunk, etc.)
Solid understanding of tools, techniques and procedures, threat actors, and threat campaigns
Experience with enterprise network defense and response
Analytical skills to support security investigations
Experience and solid understanding of cyber threats and cyber security
Ability to obtain a DOD Security Clearance
Ability to obtain a DHS Entrance on Duty (EOD)
BA/BS or equivalent experience and minimum 5 years related work experience
Flexible – The environment is highly dynamic. You will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness
Team Player – This role is part of a much larger team
These Qualifications Would be Nice to Have:
- Relevant DHS focused experience
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.