Advanced Cybersecurity Analytics Engineer III
Company: CACI
Location: Saint Louis
Posted on: April 1, 2026
Job Description:

Job Title: Advanced Cybersecurity Analytics Engineer III
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local

The Opportunity

Reporting to the Lead of Focused Operations, under the Branch Chief of Defensive Cyber Operations, you will be tasked with developing and maintaining defensive countermeasures for the enterprise. Working within a Fusion model, you will collaborate with other teams within Focused Operations with the distinct task of proactively preventing a successful compromise and eradicating persistent adversaries already in the enterprise. This will be done through various means, such as reviewing future and past intelligence reports, reviewing incident reports, regular Purple Teaming exercises, and continuously validating Defensive Countermeasures already deployed.

Responsibilities

- Analyzes trends and patterns of data on NGA networks to identify and predict previously undiscovered events and incidents, and develops or tunes rules/signatures/scripts as needed.
- Coordinates with Defensive Cyber Operations and Focused Operations to develop or tune rules/signatures/scripts.
- Coordinates with other Cybersecurity Operations Services to investigate and obtain information about potential sources of compromise on enterprise systems, and develops or tunes rules/signatures/scripts as needed.
- Correlates and analyzes precursors to incidents, and develops or tunes rules/signatures/scripts as needed.
- Collaborates with the Cyber Data Analytics team to achieve SIEM alert efficiency through evaluation of valid alerts and false positives, and develops or tunes rules/signatures/scripts as needed.
- Works with the Cyber Incident Response Team by assessing ongoing incident activity to predict adversary responses and locations of compromise to assist with triage.
- Documents all work in the authorized ticketing system with a sufficient level of detail to ensure all stakeholders can systematically reconstruct the analysis.
- Provides input to recurring meetings and briefings as required.

Qualifications

Required

- Must be a US Citizen with an Active TS/SCI.
- 8 years of related advanced cyber security analytics work experience.
- Must have a certification that is compliant with DoD 8140.01 and DoD 8570.01-M IAT Level III and CSSP Analyst.
- Experience with data mining or building queries in a SIEM.
- Strong understanding of signature development and tuning.
- Strong understanding of network protocols and analysis with protocol analyzers.
- Knowledge of static file signatures (i.e., "magic numbers") and how they apply to developing countermeasures for files in transit and files that reside locally on a host.
- Good working knowledge of regular expressions.

Desired

- Comfortable in a hex editor.
- Ability to write Python/Bash/PowerShell scripts.
- Ability to analyze each use case, as it pertains to detection logic, and identify the corresponding capability.
- Good understanding of Purple Team tactics.
- Familiarity with security in a cloud environment and how it applies to visibility gaps, data lakes and data mining.

What You Can Expect

A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose: to ensure the safety of our nation.

An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers, every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground, in your career and in our legacy.

Pay Range

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

The proposed salary range for this position is: $75,200-$158,100

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Keywords: CACI, Springfield, Advanced Cybersecurity Analytics Engineer III, IT / Software / Systems, Saint Louis, Illinois