Cyber Security CERT Analyst Job

Category: Information Systems – Security
Primary Location: Springfield, VA, US
Security Clearance: TS/SCI
Clearance Status: Not Applicable
Schedule: Full Time
Type of Travel: Local
Percent of Travel Required: Up to 10%



At CACI, we don’t just hire you for a job; we hire you for a career. CACI recruits, retains, and develops a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. We empower you to forge your path while providing you with the tools, guidance, and flexibility needed to accomplish your career goals. CACI has a clear, defined strategy that has guided our success for over fifty years.

Consider a career with CACI, where you will have the opportunity to make an immediate impact by providing the information technology and consulting solutions America needs to defeat global terrorism, secure our homeland and improve government services.


CACI has an immediate opening for a CERT Analyst to support a Government client in Computer Security Incident Response. The candidate will perform independent assessment of information security posture for the organization using applicable tools (ArcSight, Wireshark, Netwitness); monitor security systems and analyze potential threats to client systems; work as the focal point for client CND organizations, to include outside partners; provide life-cycle management of security incidents; and prepare and present evaluation reports regarding security incidents.

Duties and Responsibilities:

– The customer directs the cyber intelligence analysis, computer network defense and security for the organization and leads the computer security incident response activities. The CERT functions as the focal point for Information Assurance within the agency and operates in conjunction with the Enterprise Service Center (ESC). Directs computer security incident response activities for events to include, but not be limited to: viruses, worms, Trojan horses, other malicious code, system security breaches, and cyber-terrorist attacks.

– Prepare and deliver daily CERT activities brief and weekly reports such as the Domain Tipper report, fraudulent list and DAA-CISO briefing.

– Collaborate and coordinate with other agency elements of the CERT to proactively enhance the security posture of agency networks. Provide intelligence cyber fusion analysis support to the agency.

– Manage the creation of the US CYBERCOM (USCC) quarterly scorecard. Track, update and brief CS leadership on the status of the quarterly USCC scorecard.

– Track and report on all CTOs, FRAGOs and other USCC and IC-IRC requirements. Report agency compliance with USCC and IC-IRC orders and directives. Provide notifications in accordance with standing JCD and ISM processes. Provide Incident Reports (IR) and After Action Reports (AAR) for Category 1, 2, 4 and 7 computer security incidents.

– During normal business hours and after hours, notify the IA Government representative within one (1) hour of any compromise, intrusion, significant event or threat to the customer security posture. An after-hours escalation process will be developed by the contractor and the Government function monitor to assess the level of threat and determine whether notification should be escalated through the Government chain of authority. During the transition period the contractor will document this after-hours contact process and keep the contact list updated as part of their standing operating procedures during the life of this contract.

– Assess cyber security risks for customer systems and networks. The assessments shall include, but not be limited to: risk analysis, solutions to risk factors, and mitigation strategies.

– Maintain and populate customer CERT’s incident databases. Update incident database to ensure positive tracking is accomplished for incidents reported to or by customer CERT. Team shall pull intelligence reports and determine items of interest to customer.

– Produce event reports and share discovered malicious network activity indicators within the IC and DoD.

– Provide cyber threat characterization and indications and warnings of threats to the customer enterprise in the form of briefing and all source analytical products.

– Conduct all incident handling in accordance with ISM process and provide recommendation for improvement. Participate in enterprise exercises, table tops and cyber exercise in accordance with ISM process.


Typically requires a bachelor’s degree or equivalent and five to seven years of related experience.

Required Qualifications:

– All positions require a current TS/SCI and the ability to pass a polygraph within 60 days of hire

– BS in Engineering, Computer Science or related Science degree

– Minimum of 5 years incident response/investigative/CI experience

– 5 years experience in computer science or software engineering.

– 5 years experience in information security fundamentals/principles

– 3 to 5 years Technical experience in client/server

– Maintain technical expertise level by keeping abreast of evolving IS technologies and how they will impact the security of customer ISs

– In-depth knowledge of DCID 6/3, knowledge of ICD 503 and other applicable policies governing accreditation of IS operating in Protection Levels 1, 2, 3, 4 and 5.

– All contractor personnel must pass a Counterintelligence (CI) polygraph within two months of award. Backfill personnel are required to pass the polygraph within two months of arrival.

– All contractor personnel will need to possess and maintain an organization courier card and an AIS equipment media property badge.

– Contractor will execute the contract in accordance with all applicable legislation including Presidential, Congressional, Department of Defense (DoD), Office of the Director of National Intelligence (ODNI), and customer legislation, policy, and directives.

Company Description:

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. Join CACI, where you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian clients. A member of the Fortune 1000 Largest Companies and the Russell 2000 Index, CACI provides dynamic careers for approximately 15,000 employees working in over 120 offices worldwide.

CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.

Nearest Major Market: Washington DC

Job Segment: Defense, Engineer, Security Clearance, Information Systems, Security, Government, Engineering, Technology

