smartrecruiters

Senior Security Information Event Management (SIEM) Analyst @ CACI

St Louis, MO, US | Onsite | Contract | Posted 13 days ago


About this role

CACI has an immediate opening for a Senior Security Information Event Management (SIEM) Analyst to support a Government client in Computer Network Defense. The candidate should be familiar with a wide range of security tools and understand basic security fundamentals.

Under general supervision, the Senior SIEM Analyst will:

• Monitor incoming event queues using security management tools.
• Identify, categorize, prioritize, and investigate correlated events.
• Perform investigation and triage of events and incidents and escalate according to SOPs.
• Monitor and work the ticket queue for events and incidents.
• Maintain shift logs with relevant activity.
• Document investigation results and provide relevant details for final analysis.
• Develop reports, dashboards, real-time rules, filters, active channels, etc.
• Provide event/incident procedure, long-term analysis, and investigation into NGA network activity and provide investigation reports.
• Provide content development to include reports, dashboards, real-time rules, filters, and active channels.
• Configure SIEM tool performance and event data quality to maximize SIEM system efficiency.
• Assist NGA cyber security teams with device event correlation.
• Develop and institute standard procedures for the “front-end” operation of the SIEM system as directed by the government.
• Assist Network Analysts with the development of rules, filters, active channels, and onboarding of new programs.

Required Qualifications:

• Must have a current TS/SCI and be able to pass a CI polygraph within 60 days of hire
• A Master’s degree
• 10 or more years of experience in a related field with a minimum of 6 years in SIEM tool analysis
• DoD 8570 Management Level III
• Event and Incident Analysis with ArcSight
• Filtering of event data into dashboards
• Reporting formats
• Correlation Rule Development with ArcSight, SourceFire, or other IDS/SIEM tool
• Development experience in Smart/Flex Connectors
• Content Analysis, Development and Testing
• Web Content Filtering Analysis, Development and Testing

Desired Qualifications:

• Master’s degree in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related academic discipline of science, technology, engineering, or mathematics
• ISC2 recognized professional certifications
• SIEM Content Engineering Experience
• Knowledge of technical writing and documentation and the ability to map processes and procedures back to roles and responsibilities within the organization

Education and Experience:

Master’s degree with 10 or more years of related experience.

All your information will be kept confidential according to EEO guidelines.

Skills

Information Technology, Mid-Senior Level, Defense And Space
