CACI International Cyber Threat Hunting Analyst in Herndon, Virginia
Cyber Threat Hunting Analyst
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI with Polygraph
Employee Type: Regular
Percentage of Travel Required: None
Type of Travel: None
What You’ll Get to Do:
Cyber threat hunting analyst to support our Enterprise Computer Network Defense (CND) efforts.Y ou will provide technical security assessments of applications and infrastructure, security design reviews as well as risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.
B e part of a department with an expanding range of programs focusing on Cyber Operations, where you get to grow on and between programs with peers who are dedicated to advancing national security. Participate in fun team outings and team building events where you get to engage with your co-workers and expand your career network. We are a fun, engaging environment with a management team focused on growing your career and making you a part of our future. We offer bonus compensation plans that demonstrate you being appreciated for working on the program and being a part of our team. You'll get paid for cyber events and training, such as our Capture the Flag Events, Internal Research and Development opportunities as well as prepaid courses to nationally recognized certification courses to grow your career
You’ll Bring These Qualifications:
Must have an active TS/SCI with Polygraph clearance
Experience working in a Security Operations Center (SOC) is helpful
Real-time threat assessment experience specializing in unstructured analysis to detect anomalous behavior within our enterprise
Must be adaptable with demonstrated ability and willingness to lean into difficult challenges e.g. solve things for which there may be no textbook answer
Ability to think like an adversary while investigating suspected compromises or malicious activity
Cyber threat intelligence research experience
Familiarity with the Mitre ATT&&CK framework and threat modeling
Experience developing heuristics for detection of threats
Critical thinking and intellectual curiosity are required
Experience with lab testing of identfied threat behaviors
Must have experience spinning up VMs
Comfortable with network scanning techniques
CVE research experience
Familiar with setting up, adjusting Splunk queries, sysmon logs, windows logs, writing queries, regex
Strong communication skills required, must be willing to reach across team to discuss topics , take ownership, speak up, listen, ask questions, express a point of view based on data, work with ambiguity
Forensic (triage) experience, along with data acquisition
Python (or Powershell) for task automation, API Dev work
Must be comfortable in a role described as "unstructured threat hunting", experience working in ambiguity, good at seeing solutions in advance
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.
As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.