CACI International Jobs

Job Information

CACI International Cyber Security Operations Specialist III-Cyber Threat Intelligence Analyst in Springfield, Virginia

Cyber Security Operations Specialist III-Cyber Threat Intelligence Analyst

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Local

Do you like working with high performing ISSE teams? Are you self-motivated and enjoy a challenge? CACI won a new long-term contract with the National Geospatial-Intelligence Agency (NGA) for Transport & Cybersecurity Services (TCS) program. The functional capabilities are to provide the information technology (IT) infrastructure services required to deliver timely, relevant, and accurate GEOINT in support of national security. TCS will provide innovative design, engineering, procurement, implementation, operations, sustainment and disposal of transport and cybersecurity IT services on multiple networks and security domains, at multiple locations worldwide to support the NGA GEOINT mission.

What You’ll Get to Do:

  • Conduct emerging threat and intelligence fusion analysis;

  • Collect and analyze commercial and government cyber intelligence reports;

  • Analyzes intelligence reports to provide actionable cyber intelligence;

  • Develops and provides to the Government and other Contract Services regular and ad hoc reports, briefs, documents, diagrams, and other products as required to ensure stakeholders are aware of and understand cybersecurity threats and the risk posed to NGA by the threat;

  • Identifies and assesses the relevance and effectiveness of signatures and indicators of compromise based on intelligence;

  • Develops, reviews, and when properly authorized by the Government, disseminates NGA CSOC developed Cyber Intelligence products to internal to NGA and external DoD and IC partners, to include but not limited to threat intelligence reports, significant cyber activity reports, incident investigation reports, and other products as directed by the Government;

  • Analyzes patterns of behavior to identify and determine adversary intent and provides this analysis to the Government in a document, briefing and/or other products as required;

  • Develops comprehensive threat models of adversary activity and provides this analysis to the Government in a formal report, briefing, or other product as required;

  • Maps NGA cyber terrain to identify likely avenues of attack in coordination with Cyber Readiness Services and Cyber Technology Services; provides this analysis and recommendations to mitigate or remediate the avenue of attack to the Government;

  • Coordinates with NGA entities, to include but not limited to SI Cyber Counterintelligence, Insider Threat, and Blue Team to perform adversary profiling and threat modeling

More About the Role:

  • Coordinates with SIII Technical Investigations to enhance forensics investigations and analysis;

  • Coordinates with Source and Analysis to perform intelligence fusion and analysis;

  • Coordinates with Vulnerability Management and Risk Management as required to assess risk to NGA assets

  • Assesses, monitors for, and acts on indicators of compromise identified in community intelligence reports as required; this includes but is not limited to determining relevance and directing the implementation of indicator blocks, the creation of new detection alerts, referring the information to Hunt, or to Tier 2 for analysis, and coordinating with

  • Advanced Cybersecurity Analytics on the development of new signatures;

  • Documents all work in the authorized ticketing system with a level of detail sufficient to enable the Government and other services to reconstruct the analyst’s analysis process;

  • Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report;

  • Coordinate with Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services on the development and implementation of signatures

You’ll Bring These Qualifications:

  • Have experience with Cyber Threat Intelligence

  • Be able to work independently and with minimal supervision

  • Be proactive in performing assigned job duties

  • Be an excellent communicator

  • Be a team player and facilitate a collaborative work environment

  • Have DOD 8570.01 IAT II certification and be willing to obtain a CSSP Analyst certification within six months of joining the team

These Qualifications Would be Nice to Have:

  • N/A

What We Can Offer You:

  • We’ve been named a Best Place to Work by the Washington Post.-

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

  • For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.



Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.

As directed by Executive Order 14042, all current and newly hired employees are required to be fully vaccinated for COVID-19 by January 18, 2022 and provide proof of vaccination, except where they are legally entitled to an exemption/accommodation.