Cybersecurity Operations Analyst II

About the position

CACI is seeking a Cybersecurity Operations Analyst II to support the National Geospatial-Intelligence Agency (NGA) under the Transport & Cybersecurity Services (TCS) contract. This role is critical in providing IT infrastructure services that ensure timely, relevant, and accurate support for national security. The Cybersecurity Operations Analyst II will be responsible for coordinating and implementing tasks related to cybersecurity incident response, which includes performing analysis and documenting response activities. This may involve implementing containment measures, blocking IPs and domains, and disabling user accounts as directed by the Government. The analyst will work closely with various security and counterintelligence offices, including the Security and Installations Directorate and the Insider Threat Office, to conduct advanced investigations and triage incidents. They will also collaborate with other organizations to ensure incidents are reported, contained, and eradicated effectively. The role requires building timelines, documentation, and briefings to inform stakeholders about incident response actions and the impact of adversary activities. In addition to incident response, the Cybersecurity Operations Analyst II will perform malware analysis, develop signatures, and contribute to daily and weekly reports on cybersecurity operations. They will also execute Defensive Cyberspace Operations on behalf of the NGA and conduct digital media analysis to respond to incidents. The position demands a high level of detail in documenting actions taken and analysis performed, ensuring that all activities can be systematically reconstructed. The analyst will also be responsible for developing and maintaining custom scripts and tools for data collection and analysis, as well as providing adversary attribution and identifying indicators of compromise.