Job Title: Cyber Defense Analyst

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Local

The Opportunity:

CACI is seeking a skilled and experienced Cyber Defense Analyst (Level 2) to join our dynamic team to support a DoD client in Suitland, MD. The ideal candidate will possess a robust background in Computer Network Defense (CND), with a proven track record in monitoring, investigating, and responding to cybersecurity threats. This role requires a proactive individual with strong analytical skills, excellent communication abilities, and a comprehensive understanding of IT systems and networks.

Responsibilities:

• Monitor and investigate alerts from cybersecurity tools to identify potential threats and malicious activities.
• Utilize Network Intrusion Detection/Prevention Systems (NIDPS) and Security Information and Event Management (SIEM) systems to analyze network traffic and detect anomalies.
• Develop and implement computer network defense tactics, techniques, and procedures (TTPs).
• Create and maintain "best practices," manuals, and standard operating procedures in alignment with Federal, DoD, IC, and industry standards.
• Participate in incident management lifecycle processes, including identification, categorization, eradication, response, recovery, and mitigation of cybersecurity incidents and breaches.
• Conduct penetration testing and Red Teaming activities to assess and enhance the security posture of the organization.
• Perform malware detection and analysis, IDS/IPS rule/signature writing, and countermeasure development.
• Utilize scripting and coding languages to automate tasks and enhance security measures.
• Collaborate with cross-functional teams to ensure the integrity and security of IT systems and networks.
• Provide briefings, write reports, and disseminate intelligence related to cybersecurity threats and incidents.

Qualifications:

Required:

• BA/BS in Computer Science, Information Technology, Information Assurance, or a related field is desired.
• TS/SCI Clearance
• Alternatively, 8+ years of relevant professional experience in CND or related fields.
• Must have 5+ years of concentrated experience in CND.
• 3+ years of professional experience in monitoring and investigating alerts from cybersecurity tools.

Skills and Abilities:

• Effective interpersonal, organizational, time management, writing/documentation, and briefing skills with strong attention to detail.

• Strong analytical, conceptual, and problem-solving skills.

• Proven ability to communicate effectively and develop/present presentations.

• Ability to think outside the box by utilizing IT knowledge and cybersecurity tool output to discover instances of malicious activity.

• Proven ability to prioritize, execute, and complete tasks with little to no direction in a high-pressure environment.

• Moderate experience utilizing Federal, DoD, IC, and industry standards.

• Moderate experience in the development and implementation of CND TTPs.

• Moderate experience in the operational use of NIDPS (e.g., Cisco Fire Power, Palo Alto NGFW) and host-based intrusion detection/prevention systems (e.g., Trellix ePO, Microsoft Defender, Tanium).

• Moderate experience in the operational use of SIEM systems (e.g., Splunk, Elastic).

• Moderate knowledge of policies and processes related to CND execution.

• Moderate knowledge of incident management lifecycle processes.

• Moderate knowledge of network security architecture concepts, including topology, protocols, and components.

• Knowledge of common adversary TTPs in assigned areas of responsibility.

• Moderate knowledge of common enterprise services such as domain controllers, print, email, DNS, and web servers.

• Knowledge of network traffic packet captures with capabilities such as Wire Shark or NIKSUN.

• Moderate knowledge in identifying and classifying attack vectors, malware detection and analysis, IDS/IPS rule/signature writing, and countermeasure development.

• Moderate knowledge of firewall rules and routing rules.

• Moderate knowledge of scripting and coding languages (e.g., Python, Perl, Ruby, JavaScript

What You Can Expect: A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

Pay Range:

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

The proposed salary range for this position is:

$86,600 - $181,800

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.