Identifies system security vulnerabilities and designs or deploys solutions that support a high-availability system and enhance security compliance baselines using COTS and GOTS enterprise-level cyber security tools and applications. Able to work independently or lead teams to perform technical planning, system integration, verification and validation, risk assessments, and supportability and effectiveness analyses for computer security products and systems.
You’ll Bring These Qualifications:
Understand and identify new vulnerabilities and attack vectors in order to actively hunt for threats across multiple networks.
Assist with creating sensors/packages to support custom security requirements and with building Splunk dashboards that provide comprehensive security awareness to senior leadership.
Collaborate with clients regarding the nature of system vulnerabilities and the recommended remediation steps.
Ability to use various COTS and custom platforms to gather security statistics and proactively scan the enterprise for malware.
Ensure the logical and systematic conversion of customer or product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints.
Test and monitor computer systems, including coordinating the installation of computer programs and systems.
Analyze and study complex system requirements.
Apply the Concept of Operations (CONOPs) set of disciplines for the planning, analysis, design, construction and operation of information systems across a major sector of the organization.
Develop analytical and computational techniques and methodology for problem solutions.
Test, debug, and assist in the refinement of system products.
Prepare required documentation, including both program-level and user-level documentation.
Assist in establishing standards for information security systems procedures.
Minimum of 4 years of experience working with, maintaining, and deploying enterprise-level monitoring tools.
Experience with and understanding of ICD-503 and its associated risk management assessment for enterprise systems.
Intrusion detection systems (IDS), including host-based IDS.
One or more programming languages and the ability to build/automate efficient and effective scripts (VBScript, PowerShell, WMI, C#, Java, SQL, Python, C++, XML).
Identification, collection, and examination of security threats.
Deployment, administration support, and maintenance of servers in a large-scale enterprise.
Collection, processing, and analysis of data and information to create threat intelligence indicators.
Malware identification, analysis, and event resolution.
Security Information and Event Management (SIEM).
Reviewing and analyzing security audits and computer logs to improve endpoint security measures.
These Qualifications Would be Nice to Have:
Operation and ongoing administration of the Tanium software suite.
Collecting, ingesting, analyzing, and visualizing machine data with Splunk.
Splunk dashboards and creating complex queries.
Splunk Security App.
Splunk Knowledge Manager or Splunk Power User.
Familiarity with COTS security application suites (McAfee, Symantec, etc.).
Experience working and collaborating with a Computer Incident Response Team (CIRT).
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.