CACI International Security Analyst in San Antonio, Texas
CACI has an exciting job opportunity for a Security Analyst at our Lackland AFB location in San Antonio, Texas.
What You’ll Get to Do:
Work with other contractors’ Team Leaders and the Government Contracting Officer’s Representative (COR) to accomplish Government requirements, goals, and mission objectives as efficiently and effectively as possible. This shall include, but is not limited to, sharing or coordinating information resulting from the work required by this SOW or previous Government efforts and working as a team to perform tasks in concert.
Assist other active duty, government civilians, and contractors assigned to the same functional areas to raise the level of proficiency and effectiveness of the team performing that function.
Provide technical reports, meeting minutes, program plans, concepts of operations, contingency plans, and related documentation as identified for task deliverables
Prepare and disseminate operational reports. A list of operational reports shall include, but is not limited to, AF Computer Emergency Response Team (AFCERT) daily operations report (DOR), operation report (OPREP), and situational report (SITREP), incident response, law enforcement, and recovery operations reports, Information protection bulletins (IP Bulletins), AFCERT Time Compliance Network Orders (TCNOs), malicious logic/virus notifications, INFOCONs, and other messages.
Support real-time monitoring of all assigned IDS/IPS deployed and supporting the AFCENT/CENTCOM mission
Monitor network traffic to provide event correlations of operational traffic from multiple locations to determine network security posture
Use standard/provided network tools to evaluate traffic for incident response analysis
Coordinate and execute JTF-GNO Information Assurance Vulnerability Alert (IAVA) notices as applicable on CENTCOM networks/systems with the AFCENT NOSC
Maintain IDS/IPS devices to ensure they are operating at optimal efficiency
Maintain Crew certification as required to operate on CENTCOM, AFCENT, and AF networks
Conduct network security monitoring and intrusion detection analysis using the AFCENT/CENTCOM security tools, to include, but not limited to, IDS/IPS, firewall, proxy, and router logs. Mission-specific operational training (i.e., process/procedures and checklist familiarization) will be conducted by the government to maintain operational proficiency. The contractor shall be trained, tested, certified, and periodically evaluated by Stan/Eval processes IAW operational position requirements.
Research Net Defense (NetD) events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities. Enter event data into mission support systems according to operational procedures and reports to meet AFCENT mission/tasking. The contractor shall produce a Suspicious Event Report (SER) for suspicious traffic meeting established thresholds. These SERs shall contain sufficient information to facilitate future research of suspicious traffic. The SERs shall answer the who, why and when for this suspicious activity. The contractor shall compile SERs and other artifacts to support event escalation to Incident Response.
Provide pass-on information to bring incoming crews up to speed on latest suspicious traffic seen from a given port, IP, etc. The contractor shall coordinate with the Crew Commander for authorization before departing after pass-on to incoming shift.
Provide reporting and computer security-related assistance to AFCENT Network Operations & Security Center in countering vulnerabilities, minimizing risk, and improving the security posture of CENTCOM computer networks and systems supporting AFCENT’s operational requirements and mission execution.
Provide focused NetD, tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named NetD operations and exercises.
Track trends of authorized and unauthorized activity
Correlate unusual and suspicious network activity across CENTCOM. Validate unusual network activity unique to geographical regions and sensor locations
Provide an overall site-analysis profile to serve as a benchmark to identify unusual or suspicious activity
Assist in completion of NetD statistical and trend data and operational event reporting when requested
Maintain current knowledge on new vulnerabilities and exploits. Develop methods to detect and prevent intrusive activities utilizing these new vulnerabilities and exploits. Assist NOSC-IA to develop countermeasures (to include IDS/IPS signature development and correlation rule sets) to isolate, contain and prevent intrusive activities and secure AFCENT/CENTCOM networks
You’ll Bring These Qualifications:
Other certifications desired:
Minimum 2 years DoD Network Security / Information Assurance / Cyber, preferably USAF
2 years’ experience with Enterprise IT Networks
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.