Cyber Incident Response Analyst (SME)

Job description

Cyber Incident Response Analyst (SME)

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Continental US

* * *

**The Opportunity:**

Our client is seeking a Cyber Incident Response Analyst (SME) that will join the Cyber Security Incident Response Team on the DCGS Management Center (DMC) program located at Langley AFB that is highly motivated with a strong system administration background.

The ideal candidate will be adept in both Windows and Linux environments, possess hands-on experience with ELK/Elastic Stack for threat detection and analysis, and demonstrate the ability to follow established Incident Response (IR) process with minimal supervision.

The successful candidate will perform the following responsibilities onsite:

(SHIFT WORK)

**Responsibilities**

+ Lead and assist in incident response investigations through all phases (detection, containment, eradication, recovery, lessons learned) to ensure the confidentiality, integrity, and availability of the OA DCGS weapon system.
+ Utilize ELK/Elastic Stack to perform log analysis, threat detection, and investigations; Create and maintain security incident reports and dashboards.
+ Escalate and document internal/external security incidents through appropriate ticketing and reporting processing
+ Design, implement, and maintain cybersecurity SOPs and incident playbooks
+ Maintain documentation of IR processes and case notes; Ensure security testing and evaluations are completed and properly documented.
+ Support proactive threat hunting and vulnerability assessments
+ Analyze and correlate logs from varied data sources to identify patterns and anomalies
+ Understand network protocols and establish baselines to identify abnormal activity
+ Perform cyber threat analysis and reporting on information from both internal and external sources and appropriately apply gathered cyber threat intelligence to defending the enterprise network.
+ Apply knowledge of Zero-Day vulnerabilities and CVEs to incident handling and remediation
+ Collaborate with cross-functional teams and external stakeholders as needed
+ Provide guidance for securing information systems and support cyber vulnerability penetration assessments.
+ Operate independently during shifts and respond to security alerts with urgency

**Qualifications:**

_Required:_

+ Top Secret/SCI security clearance.
+ Bachelor’s degree in IT Technology, Computer Science, or related field with 4+ year's of experience.

Degree may be substituted with additional years of experience.
+ DOD 8140 (8570) IAT Level II (Security+ or equivalent).
+ Strong system administration skills across Windows and Linux platforms
+ In-depth understanding of the Incident Response lifecycle
+ Proficiency in using the Elastic Stack (Elasticsearch, Logstash, Kibana)
+ Familiarity with enterprise security tools and procedures
+ Strong problem-solving and analytical skills
+ Comfortable working with limited supervision in a shift-work setting
+ Availability to work weekends and holidays as part of our 24/7 operations.

_Desired:_

+ AF DCGS experience.
+ Four to seven years of intelligence network communications or Systems Administration experience.
+ Knowledge of security best practices and standards, including NIST, ISO, and SOC operations.
+ Experience with AWS and/or other cloud security platforms
+ Background as an ISSO, including STIG/SCAP and vulnerability management
+ Familiarity with tools such as Tanium, Trellix, and ACAS
+ Understanding of network architecture and traffic analysis
+ Basic scripting skills (Python, PowerShell, Bash)
+ Elastic certification or SME-level expertise
+ Effective written and verbal communication skills for documentation and collaboration

-
**________________________________________________________________________________________**

**What You Can Expect:**

**A culture of integrity.**

At CACI, we place character and innovation at the center of everything we do.

As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

**An environment of trust.**

CACI values the unique contributions that every employee brings to our company and our customers - every day.

You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

**A focus on continuous growth.**

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

**Your potential is limitless.** So is ours.

Learn more about CACI here.

(https://careers.caci.com/global/en/life-at-caci)

**________________________________________________________________________________________**

**Pay Range** : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.

Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

We offer competitive compensation, benefits and learning and development opportunities.

Our broad and competitive mix of benefits options is designed to support and protect employees and their families.

At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

Learn more here (https://careers.caci.com/global/en/employee-benefits) .

The proposed salary range for this position is:

$75,200-$158,100

_CACI is_ _an Equal Opportunity Employer._ _All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any_ _other protected characteristic._

Required Skill Profession

Other General