Advanced Cybersecurity Analytics Engineer III
Job Description
This onsite Advanced Cybersecurity Analytics Engineer III role offers a culture built on integrity, collaboration, and growth. You will contribute to defensive countermeasures, analyze data to identify and prevent breaches, and tune SIEM rules and signatures in close partnership with Defensive Cyber Operations and related teams. The position is based in St. Louis, MO, with a path for continuous learning and professional development supported by a robust resources ecosystem.
Benefits
- Healthcare
- Wellness
- Financial
- Retirement
- Family support
- Continuing education
- Time-off benefits
- Learning resources
Compensation
Salary range: USD 75,200 – 158,100 per year.
The Opportunity
Reporting to the Lead of Focused Operations within the Defensive Cyber Operations framework, you will develop and maintain enterprise defensive countermeasures in a fusion operating model. The role entails proactive collaboration with Focused Operations and other Cybersecurity Operations Services to prevent compromises and eradicate persistent adversaries, leveraging a variety of methods and tools to strengthen the security posture across the organization.
What You Can Expect
Expect a culture centered on character and innovation, with teammates dedicated to protecting critical missions. You will have autonomy and flexibility, supported by a time-off framework and access to extensive learning resources. The organization emphasizes continuous growth, aiming to advance critical missions while expanding career opportunities and building a lasting legacy.
Responsibilities
- Analyze data trends on NGA networks to identify and forecast previously undiscovered events, developing or tuning rules, signatures, or scripts as needed.
- Collaborate with Defensive Cyber Operations and Focused Operations to develop or tune rules, signatures, or scripts.
- Work with other Cybersecurity Operations Services to investigate potential sources of compromise on enterprise systems and develop or tune rules, signatures, or scripts as needed.
- Correlate and analyze precursors to incidents and develop or tune rules, signatures, or scripts as needed.
- Partner with the Cyber Data Analytics team to enhance SIEM alert efficiency by evaluating valid alerts and false positives, and develop or tune rules, signatures, or scripts as needed.
- Coordinate with the Cyber Incident Response Team to assess ongoing activity, predict adversary responses and locations of compromise, and aid in triage.
- Document all work in the authorized ticketing system with sufficient detail to allow stakeholders to reconstruct the analysis.
- Provide input to recurring meetings and briefings as required.
Requirements
- Must be a US citizen with an active TS/SCI clearance.
- 8+ years of related advanced cybersecurity analytics work experience.
- Certification compliant with DoD 8140.01 and DoD 8570.01-M (IAT Level III and CSSP Analyst).
- Experience with data mining or building queries in a SIEM.
- Strong understanding of signature development and tuning.
- Strong understanding of network protocols and analysis with protocol analyzers.
- Knowledge of static file signatures, such as magic numbers, and how they apply to countermeasures for files in transit and on hosts.
- Proficiency with regular expressions.
Technologies
- Python
- Bash
- PowerShell
- Hex Editor