CACI International Network Security Specialist in Chantilly, Virginia
CACI is currently looking for outstanding IT candidates to join our TSA IT Management, Performance Analysis, and Collaborative Technologies (IMPACT) team in the National Capital Region (NCR) and throughout the United States. CACI will provide a variety of IT services through IMPACT including cyber security, identity and access management, risk management, cloud integration and engineering, field support services, service desk, application deployment and optimization, and operations center support services. CACI will support TSA in both classified and unclassified IT operational environments increasing availability and security for a variety of applications and systems. IMPACT services will integrate with the broader DHS mission and enhance existing Department-wide IT capabilities.
The network security specialist is responsible for the health and maintenance of TSA’s network security appliances, including web proxies and intrusion detection systems.
Technical analysis of network activity; the analyst monitors and evaluates network flow data, signature-based IDS events and full packet capture (PCAP) data. • Triage IDS alerts; collect related data from various network analysis systems, review available open and closed source information on related threats & vulnerabilities, prepare initial summary reports.
Monitor and analyze signature-based IDS alerts and associated packet (PCAP) data. Analyze network flow data for anomalies and to correlate reporting with enterprise-wide network activity.
Lightweight programming/scripting skills to automate analytics are a plus. Document key event details and analytic findings in an incident management system.
Perform high-level incident handling functions to include: Provide oversight and assessment of incident response and triage actions across a large enterprise, Identify & extract network indicators from incident reporting and published technical advisories/bulletins, Perform incident correlation & escalation.
Recommend new IDS signatures and detection strategies.
Produce final reports and review incident reports from junior analysts.
Communicate and collaborate with analysts from other SOC organizations to investigate cyber events.
Assess cyber indicators/observables and collaborate in the development of IDS signatures and detection mechanisms.
Monitor and report on trends and activity on network sensor platforms.
Provide technical assessments of cyber threats and vulnerabilities.
Fuse open-source threat & vulnerability information with data collected from sensors across the enterprise.
Produce and update network analysis and incident handling documentation.
Ability to obtain a DOD Security Clearance
Ability to obtain a DHS Entrance on Duty (EOD)
Bachelor’s degree or Associates/Vocational/Technical education or equivalent and 1-2 years work experience.
Flexible – The environment is highly dynamic. You will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness.
Team Player – This role is part of a much larger team
Basic/working knowledge of security concepts, protocols, processes, architectures and tools (authentication & access control technologies, intrusion detection, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc.).
Basic/working knowledge of networking concepts, protocols and architectures (OSI-model, TCP/IP, major application protocols such as DNS/HTTP/SMTP, LAN/WANs, VPNs, routers/routing, addressing, etc.).
Ability to produce results in a fast-paced environment with the ability to meet iterative deadlines.
Relevant DHS focused experience
Experience working within the Federal government technology community a plus
Knowledge of cyber policy & issues, the global cyber community, roles of major organizations how they interrelate and interact, and shortcomings in this structure.
Awareness of the common cyber products and services, an understanding of their limitations, and a comprehensive understanding of the disciplines of cyber security.
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.