5+ years of experience
Employment Type:
Full time
Job Category:
Information Services
SIEM Network Security Analysts Job
(This job is no longer available)

Job Description

Job Requisition Number: 109365
Category: Information Systems - Security
Primary Location: Springfield, VA, US
Security Clearance: TS/SCI
Clearance Status: Must be Current
Schedule: Full Time
Type of Travel: Continental US
Percent of Travel Required: Up to 10%


At CACI, we don't just hire you for a job; we hire you for a career. CACI recruits, retains, and develops a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. We empower you to forge your path while providing you with the tools, guidance, and flexibility needed to accomplish your career goals. CACI has a clear, defined strategy that has guided our success for over fifty years.

Consider a career with CACI, where you will have the opportunity to make an immediate impact by providing the information technology and consulting solutions America needs to defeat global terrorism, secure our homeland, and improve government services.

Duties and Responsibilities:

CACI has an immediate opening for an IDS Network Security Analyst to support a Government client in Computer Network Defense. The candidate will perform independent assessment of the organization's information security posture using applicable tools such as ArcSight, Wireshark, Sourcefire, etc.; monitor security systems and analyze potential threats to client systems; and prepare and present evaluation reports regarding security incidents. The candidate should be familiar with a wide range of security tools and understand basic security fundamentals.

Under general supervision, the IDS Network Security Analyst will:
- Conduct analysis for detecting and evaluating cyber events and/or intrusions.
- Conduct briefings to senior leadership, as required by the government.
- Monitor for potential compromise, intrusion, deficiency, significant event, or threat to the security posture and security baseline.
- Perform daily IDS and IPS analysis/monitoring and generate technical and executive summary reports.
- Conduct incident response IAW DoD/IC policy (Chairman of the Joint Chiefs of Staff Manual/CJCSM 6510, Intelligence Community Standard/ICS 502, and industry best practices such as NIST Special Publication 800-61).
- Apply knowledge of information security services/analysis concepts, practices, and procedures.
- Research, design, develop, deploy, configure, administer, and maintain enterprise-wide Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and Security Information/Event Management (SIEM) infrastructure.
- Conduct analyses of existing solutions to incorporate requested enhancements.
- Review/analyze requested changes for equipment, technology and/or other factors/trends, which may affect existing solution.
- Research current cyber events and/or intrusions for impact to customer systems.
- Implement government IDS and IPS design/deployment with government approval.
- Develop/write custom IDS and IPS signatures and update proprietary signatures with government approval.
- Develop SOP and other technical documentation for the IDS infrastructure IAW current government policy.
- Consult with hardware, communications, database experts, and/or vendors to ensure system viability.
- Follow intrusion and escalation processes and procedures IAW current government policy.
- This position is on a shift schedule, working a 2-2-3 Panama schedule.

Required Qualifications:
This position requires a current TS//SCI and the ability to pass a polygraph within 60 days of hire.

Although typically requiring a bachelor's degree, or equivalent, and seven to nine years of related experience, this contract requires:
- Any Bachelor's degree;
- 7-10 years' experience in related field with minimum 4 years in SIEM tool analysis;
- DoD 8570 Management Level II;
- Event and Incident Analysis;
- Experience with different reporting formats;
- Experience using Correlation Rules.

Education and Experience:
- Any Bachelor's degree;
- 7-10 years' experience in related field with minimum 4 years in SIEM tool analysis;

Desired Qualifications:
- Bachelor's degree in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related academic discipline of science, technology, engineering, or mathematics
- ISC2 recognized professional certifications
- Filtering of event data into dashboards
- SIEM Content Engineering Experience
- Demonstrated Experience in Cyber Intelligence briefing preparation and presentation

Physical Demands:
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email, and face to face.

This position can consist of shift work with the expectation of working 12-hour shifts. There is the possibility of working nights.

Company Description:
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. Join CACI, where you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian clients. A member of the Fortune 1000 Largest Companies and the Russell 2000 Index, CACI provides dynamic careers for approximately 15,000 employees working in over 120 offices worldwide.

CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

About CACI International Inc

CACI International Inc (CACI) along with its wholly owned subsidiaries and joint ventures, is an international information systems, high technology services, and professional services corporation. It delivers professional services and information technology solutions to its clients, primarily the United States government. Other customers include state and local governments, commercial enterprises and agencies of foreign governments. The Company operates two units: domestic operations and international operations. CACI delivers professional services and information technology (IT) solutions to its clients. Its services are primarily targeted to the areas of defense, intelligence, homeland security and IT modernization. In February 2010, the Company announced that it has completed its transaction to acquire SystemWare, Inc.