Cyber Incident Response Analyst jobs in United States

CACI International Inc · 3 hours ago

Cyber Incident Response Analyst

CACI International Inc is seeking a Cyber Incident Response Analyst to join their Cyber Security Incident Response Team. The role involves leading incident response investigations, utilizing ELK/Elastic Stack for threat detection, and maintaining cybersecurity documentation and SOPs.

Information Technology · Service Industry · Software
Comp. & Benefits
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Lead and assist in incident response investigations through all phases (detection, containment, eradication, recovery, lessons learned) to ensure the confidentiality, integrity, and availability of the OA DCGS weapon system
Utilize ELK/Elastic Stack to perform log analysis, threat detection, and investigations; Create and maintain security incident reports and dashboards
Escalate and document internal/external security incidents through appropriate ticketing and reporting processes
Design, implement, and maintain cybersecurity SOPs and incident playbooks
Maintain documentation of IR processes and case notes; Ensure security testing and evaluations are completed and properly documented
Support proactive threat hunting and vulnerability assessments
Analyze and correlate logs from varied data sources to identify patterns and anomalies
Understand network protocols and establish baselines to identify abnormal activity
Perform cyber threat analysis and reporting on information from both internal and external sources and appropriately apply gathered cyber threat intelligence to defending the enterprise network
Apply knowledge of Zero-Day vulnerabilities and CVEs to incident handling and remediation
Collaborate with cross-functional teams and external stakeholders as needed
Provide guidance for securing information systems and support cyber vulnerability penetration assessments
Operate independently during shifts and respond to security alerts with urgency

Qualification

Incident Response lifecycle · Elastic Stack · System Administration · DOD 8140 IAT Level II · Security best practices · Cloud security platforms · Analytical skills · Basic scripting skills · Problem-solving skills · Effective communication

Required

Top Secret/SCI security clearance
Bachelor's degree in IT Technology, Computer Science, or related field. Degree may be substituted with additional years of experience
Minimum 5 years of related experience
DOD 8140 (8570) IAT Level II (Security+ or equivalent)
Strong system administration skills across Windows and Linux platforms
In-depth understanding of the Incident Response lifecycle
Proficiency in using the Elastic Stack (Elasticsearch, Logstash, Kibana)
Familiarity with enterprise security tools and procedures
Strong problem-solving and analytical skills
Comfortable working with limited supervision in a shift-work setting
Availability to work weekends and holidays as part of our 24/7 operations

Preferred

AF DCGS experience
Four to seven years of intelligence network communications or Systems Administration experience
Knowledge of security best practices and standards, including NIST, ISO, and SOC operations
Experience with AWS and/or other cloud security platforms
Background as an ISSO, including STIG/SCAP and vulnerability management
Familiarity with tools such as Tanium, Trellix, and ACAS
Understanding of network architecture and traffic analysis
Basic scripting skills (Python, PowerShell, Bash)
Elastic certification or SME-level expertise
Effective written and verbal communication skills for documentation and collaboration

Benefits

Healthcare
Wellness
Financial
Retirement
Family support
Continuing education
Time off benefits

Company

CACI International Inc

At CACI International Inc (NYSE: CACI), our 25,000 talented and dynamic employees are ever vigilant in delivering distinctive expertise and technology to meet our customers’ greatest challenges in national security.

Funding

Current Stage
Public Company
Total Funding
$1B
2025-05-21 · Post IPO Debt · $1B
2003-01-10 · IPO

Leadership Team

John Mengucci
President & CEO
Darryl W Burke
Senior Vice President / Air Force Client Executive
Company data provided by crunchbase