Cyber Security Analyst (HBSS/ESS)
Description
Cyber Security Analyst (HBSS/ESS)
Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular-Long Term Assignment Percentage of Travel Required: Up to 10% Type of Travel: LocalAre you interested in continuing your career in Europe in a mission focused environment? CACI has established and upcoming positions throughout the European theater supporting multiple customers for the Department of Defense. We are looking for experienced, innovative and motivated IT Specialists to support enablement of AFRICOM, EUCOM and CJTF-HOA’s mission objectives.
What You’ll Get to Do:
CACI has an excellent opportunity for an experienced, self-directed, Cybersecurity Operations and Compliance analyst. This position is in support of a Department of Defense (DoD) organization, US EUCOM located OCONUS in Stuttgart, Germany. This position is required to stay OCONUS.
More About the Role:
The successful candidate must be able to communicate clearly and succinctly both written and orally, and present products and ideas in a business-like manner. The candidate will be required to work in dynamic fast paced environments that require team interaction and coordination of efforts. The candidate must be experienced in interfacing with both client managers and system users.
Required functions for Endpoint Security System (ESS), formally known as HBSS:
- Operate and maintain systems required to support endpoint level security tools.
- Maintain EUCOM endpoint security tools In Accordance With (IAW) JFHQ OPORD 16-0080 FRAGO 6 and any subsequent FRAGO or replacement order as appropriate.
- Maintain EUCOM endpoint security posture IAW Cyber Command Readiness Inspection (CCRI) inspection criteria.
- Administer HBSS SQL database.
- Maintain e-Policy Orchestrator (ePO) server(s) IAW minimum supported version as published in the DoD patch repository (https://patches.csd.disa.mil) and IAW applicable Security Technical Implementation Guidance (STIG) documents.
- Deploy required ESS products to EUCOM endpoints at or above minimum required patch levels including mandated antivirus products, intrusion detection / prevention products, data loss prevention products, rogue detection products, and compliance detection / reporting products. Maintain current compliance metric of 95% coverage on a per product basis OR any updated requirement brought about through updated OPORDs, TASKORDs, or CTOs.
- Configure periodic reporting / rollup reporting to Continuous Monitoring and Risk Scoring (CMRS) or other required reporting location as required by OPORD / CCRI inspection criteria.
- Configure and assign point product policies to EUCOM endpoint IAW applicable STIGs.
- Tune assigned point product policies to remove false positives and known non-malicious behaviors.
- Monitor, report, and investigate unknown and potentially malicious detected activity.
- Performance tune assigned point product policies to minimize resource use without compromising effective security posture.
- Monitor ESS program for updated guidance and products. Test, integrate, and deploy new / updated products and policies within DoD specified timeframes.
- Maintain administrator training IAW CCRI specified requirements to properly manage the endpoint security suite.
Qualifications:
- At least 3 years of HBSS/ESS experience
- Team building attitude, continuous learning record, and process improvement mindset
- Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance
- BA/BS + 8 years recent specialized or AA/AS +10 years recent specialized or a major cert + 12 years recent specialized or 14 years of recent specialized experience
- DoD 8570 IAM III and IAT II Baseline Certification
- Knowledge of DoD IT RMF, USCYBERCOM, and JFHQ-DoDIN
- Advanced Proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint)
Nice to Have Qualifications:
- Microsoft Certified Solutions Associate (MCSA) Widows Server 2016/2019
- Microsoft Certified Solutions Associate (MCSA) SQL 2016 Database Admin
- Proficiency with Microsoft SCCM and/or other automatic reporting tools
- Experience with Splunk
- Adaptable to changing circumstances and operational needs
- Understanding of Department of Defense Military standards
- Experience with DoD IT security requirements
- Experience managing asset accuracy to Critical Success Factors (CSF)
- DoD 8570.01 Certification Compliance (CISSP, ISSEP, CISM)
As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.