CACI is currently looking for candidates to join our TSA IT Management, Performance Analysis, and Collaborative Technologies (IMPACT) team in the Washington D.C. area and throughout the country.
The IT support services under IMPACT will provide TSA with comprehensive IT services across a broad spectrum of evolving technologies. Services include: servers, desktop/mobile and enterprise applications, environments for application development and testing, system applications, local and wide area networks, data hosting centers, operational support centers, customer support services, desktop services, collaboration services, telecommunications, data analytics, and information security.
IMPACT will provide TSA with operational IT services necessary for TSA users of unclassified and classified voice, video, and data systems. In addition, IMPACT will provide support for connectivity and interface with the Department
of Homeland Security (DHS) and other internal and external partner agencies and entities for their overall mission achievement.
POSITION SUMMARY: Subject Matter Expert / SME on ArcSight Enterprise Security Manager (ESM) software product and industry best practices around Security Operations. Use ArcSight ESM in daily operational work and workflow. Administer ArcSight ESM software platform at the customer site, and advise customers on best practices and use cases on how to use ArcSight.
Provides support to plan, coordinate, and implement the organization's information security. Provides support for facilitating and helping agencies identify their current security infrastructure and define future programs, design and implementation of security related to IT systems. Provides support for facilitating and helping agencies identify their current security infrastructure and define future programs, design and implementation of security related to IT systems. A working knowledge of several of the following areas is required: understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current Internet/EC technology.
EDUCATION & EXPERIENCE:
5+ years' experience with ArcSight ESM, and 5-10 years in security administration in a large, complex environment; experience with enterprise-class security products such as web proxy, reverse proxy, load balancing, IDS/IPS, DLP, Firewall, IPsec/SSL VPN, WAN/LAN, wireless and remote connectivity.
Demonstrated knowledge and experience implementing, monitoring, and upgrading security technology and administrative controls necessary to safeguard computer information data and systems; may be responsible for administration of security tools to maintain security controls, including firewalls, intrusion detection systems, NAC, SIEM, and data loss prevention technologies.
Knowledge of IT infrastructure security, including windows, Unix/Linux, desktop/laptop, and mobile security, hands-on experience in packet capturing and analyzing log, as well as knowledge of cryptography and PKI; compliance frameworks and requirements such as NIST, PCI, HIPAA, HITECH, SOX etc.; threat landscape, security threat and vulnerability management, and security monitoring and analytics.