CACI International Security Operations Center (SOC) Specialist in San Antonio, Texas
Security Operations Center (SOC) Specialist
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
CACI is looking for a Security Operations Center (SOC) Specialist to support our DoD customer to implement an enterprise IT service delivery model that provides consistent, secure, high-quality, and cost-effective services to enable mission success and improve end user experience across the customer environment. On this program, CACI will deliver enhanced capabilities and services to implement and operate an enterprise ITSM solution, enterprise service desk, endpoint management and security solution, as well as CONUS/OCONUS field support and life cycle support for end user devices to enable the DoD customer to transition focus from IT operations to mission operations.
As a Security Operations Center (SOC) Specialist, you will be an integral part of the organization's cybersecurity team, responsible for monitoring, detecting, and responding to security incidents and threats. Your role will be critical in ensuring the organization's information systems and assets are protected from cyber-attacks, and that any potential security breaches are identified and mitigated promptly. Operating within a 24/7 environment, you will collaborate with other SOC members and cybersecurity professionals to maintain a strong defensive posture and ensure the confidentiality, integrity, and availability of critical data.
SHIFT M-F 0000-0800
What You’ll Get to Do:
Security Monitoring and Incident Detection: Monitor security event and incident logs from various sources, including network devices, servers, endpoints, and security tools. Identify and analyze potential security incidents and anomalies, taking appropriate actions to investigate and escalate as required.
Incident Response and Mitigation: Participate in incident response activities, including containment, eradication, and recovery procedures. Work closely with incident response teams and IT staff to mitigate the impact of security incidents and minimize the risk of recurrence.
Threat Intelligence Analysis: Stay updated with the latest cybersecurity threats and attack vectors. Analyze threat intelligence reports to proactively detect and respond to emerging threats.
Security Tool Management: Operate and maintain security tools, such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), antivirus, and other security-related solutions.
Investigation and Forensics: Conduct in-depth analysis of security incidents, perform digital forensics, and document findings for future reference and improvement.
Security Incident Reporting: Prepare and submit detailed incident reports, including root cause analysis and recommended remediation actions, to senior management and stakeholders.
Continuous Monitoring and Auditing: Implement continuous monitoring processes to ensure ongoing visibility into the security posture of the organization. Perform regular audits of security controls and configurations.
Security Awareness and Training: Collaborate with the security awareness team to provide input into security training materials and awareness campaigns for employees, enhancing the overall security culture.
Security Policy Compliance: Ensure compliance with established security policies, standards, and procedures. Assist in the development and maintenance of security policies as necessary.
Shift Handover and Documentation: Provide clear and concise shift handover reports to SOC colleagues, ensuring accurate communication of ongoing incidents and pertinent information.
You’ll Bring These Qualifications:
Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field (or equivalent work experience).
Proven experience in a Security Operations Center (SOC) or similar role, with hands-on experience in security monitoring, incident detection, and response.
In-depth knowledge of cybersecurity principles, threat landscape, and attack vectors.
Familiarity with security tools and technologies, such as SIEM, IDS/IPS, antivirus, and endpoint detection and response (EDR) systems.
Understanding of incident response procedures and methodologies, including forensic analysis.
Strong analytical and problem-solving skills, with the ability to make quick decisions under pressure.
Excellent communication skills to collaborate effectively with other team members, management, and external stakeholders.
Required DoD 8140 compliant certification such as CompTIA Security+ Other relevant cybersecurity certifications like Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM), are a plus.
Knowledge of industry compliance standards (e.g., NIST) and relevant regulations (e.g., GDPR, HIPAA) is advantageous.
Willingness to work in a 24/7 rotational shift environment, including weekends and holidays.
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.