More jobs:
Job Description & How to Apply Below
Cyber Incident Response Analyst Job Category:
Information Technology Time Type:
Full time Minimum Clearance Required to Start: TS/SCI Employee Type:
Regular Percentage of
Travel Required:
Up to 10% Type of Travel:
Local *
*
* The Opportunity:
Our client is seeking a Cyber Incident Response Analyst that will join the Cyber Security Incident Response Team on the DCGS Management Center (DMC) program located at Langley AFB that is highly motivated with a strong system administration background. The ideal candidate will be adept in both Windows and Linux environments, possess hands-on experience with ELK/Elastic Stack for threat detection and analysis, and demonstrate the ability to follow established Incident Response (IR) process with minimal supervision.
The successful candidate will perform the following responsibilities onsite: (SHIFT WORK) Responsibilities
* Lead and assist in incident response investigations through all phases (detection, containment, eradication, recovery, lessons learned) to ensure the confidentiality, integrity, and availability of the OA DCGS weapon system.
* Utilize ELK/Elastic Stack to perform log analysis, threat detection, and investigations;
Create and maintain security incident reports and dashboards.
* Escalate and document internal/external security incidents through appropriate ticketing and reporting processing
* Design, implement, and maintain cybersecurity SOPs and incident playbooks
* Maintain documentation of IR processes and case notes;
Ensure security testing and evaluations are completed and properly documented.
* Support proactive threat hunting and vulnerability assessments
* Analyze and correlate logs from varied data sources to identify patterns and anomalies
* Understand network protocols and establish baselines to identify abnormal activity
* Perform cyber threat analysis and reporting on information from both internal and external sources and appropriately apply gathered cyber threat intelligence to defending the enterprise network.
* Apply knowledge of Zero-Day vulnerabilities and CVEs to incident handling and remediation
* Collaborate with cross-functional teams and external stakeholders as needed
* Provide guidance for securing information systems and support cyber vulnerability penetration assessments.
* Operate independently during shifts and respond to security alerts with urgency
Qualifications:
Required:
* Top Secret/SCI security clearance.
* Bachelor's degree in IT Technology, Computer Science, or related field. Degree may be substituted with additional years of experience.
* Minimum 5 years of related experience
* DOD 8140 (8570) IAT Level II (Security+ or equivalent).
* Strong system administration skills across Windows and Linux platforms
* In-depth understanding of the Incident Response lifecycle
* Proficiency in using the Elastic Stack (Elasticsearch, Logstash, Kibana)
* Familiarity with enterprise security tools and procedures
* Strong problem-solving and analytical skills
* Comfortable working with limited supervision in a shift-work setting
* Availability to work weekends and holidays as part of our 24/7 operations. Desired:
* AF DCGS experience.
* Four to seven years of intelligence network communications or Systems Administration experience.
* Knowledge of security best practices and standards, including NIST, ISO, and SOC operations.
* Experience with AWS and/or other cloud security platforms
* Background as an ISSO, including STIG/SCAP and vulnerability management
* Familiarity with tools such as Tanium, Trellix, and ACAS
* Understanding of network architecture and traffic analysis
* Basic scripting skills (Python, Power Shell, Bash)
* Elastic certification or SME-level expertise
* Effective written and verbal communication skills for documentation and collaboration - ________________________________________________________________________________________ What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
Your potential is limitless. So is ours. Learn more about CACI here. ________________________________________________________________________________________ Pay Range:
There are a host of factors that can influence final salary including, but not limited to, geographic location,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×