CACI International - Springfield, VA
posted 4 months ago
CACI is seeking a Cybersecurity Operations Analyst II to support the National Geospatial-Intelligence Agency (NGA) under the Transport & Cybersecurity Services (TCS) contract. This role is critical in providing the IT infrastructure services necessary for national security, ensuring timely and accurate support across multiple networks and security domains. The position may be based in either Springfield, VA or Saint Louis, MO, and requires a minimum clearance of TS/SCI, with the expectation of obtaining a CI Poly within six months of employment. As a Cybersecurity Operations Analyst II, you will coordinate and implement tasks related to cybersecurity incident response. This includes performing analysis and documenting response activities during incidents, such as implementing containment measures, blocking IPs and domains, and disabling user accounts as directed by the Government. You will work closely with various security and intelligence offices, including the Security and Installations Directorate and the Insider Threat Office, to conduct advanced investigations and triage incidents. Your role will also involve collaborating with stakeholders to produce security incident reports, categorizing incidents, and ensuring proper reporting and eradication of threats. In addition to incident response, you will be responsible for developing and executing custom scripts and tools for data collection and analysis, performing digital media analysis, and providing adversary attribution. You will also engage in malware analysis and signature development, contributing to daily and weekly cybersecurity operations updates. The position requires a proactive approach to developing incident investigation reports that document the lifecycle of incidents, including adversary and friendly forces activity, and recommendations for corrective actions. This role is essential in maintaining the integrity of NGA networks and systems, and you will be expected to perform quality control reviews of closed tickets to ensure proper analysis and documentation. The ideal candidate will have a strong background in cybersecurity operations, with the ability to work flexible shifts and a commitment to continuous growth and learning within the field.