Threat Detection Specialist
CACI International
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
* * *
**The Opportunity:**
Are you ready to revolutionize financial auditability and transportation logistics? We're seeking talented individuals to join our team in implementing a cutting-edge software system that will transform how businesses manage their finances and supply chains. From program management and cybersecurity to systems engineering and process optimization, we have exciting opportunities across multiple disciplines.*
If you're passionate about leveraging technology to streamline operations and enhance transparency, this is your chance to make a significant impact. Join us in building the future of financial and logistical management – your expertise could be the key to our success!
*Positions contingent upon contract award.
**Responsibilities:**
Junior-level:
+ Performs cyber incident response duties, including post-notification coordination and response to all cyber-related incidents and events.
+ Conducts 24x7x365 monitoring of Security Information and Event Management (SIEM) and other cyber tools to identify, diagnose, mitigate, and report service interruptions within the JTMS environment.
+ Drives resolutions and coordinates with internal and external teams to identify root causes and restore services, implementing workarounds when necessary.
+ Communicates status updates to affected stakeholders throughout and following incidents.
+ Completes after-action reports for all incidents. Utilizes the Incident Response Plan and documents event details in Incident Reports to optimize response actions.
+ Provides daily ticket reviews, updates, and reports.
Intermediate:
+ Performs advanced cyber incident response duties, including post-notification coordination and response to all cyber-related incidents and events.
+ Conducts and oversees 24x7x365 monitoring of Security Information and Event Management (SIEM) and other cyber tools to identify, diagnose, mitigate, and report service interruptions within the JTMS environment.
+ Leads resolution efforts and coordinates with internal and external teams to identify root causes and restore services, implementing workarounds when necessary.
+ Communicates status updates to affected stakeholders throughout and following incidents, ensuring clear and timely information dissemination.
+ Completes comprehensive after-action reports for all incidents, including lessons learned and recommendations for process improvements.
+ Utilizes and optimizes the Incident Response Plan, ensuring all event details are thoroughly documented in Incident Reports to enhance response actions.
+ Provides and reviews daily ticket updates and reports, identifying trends and areas for improvement in the incident response process.
Senior:
+ Leads and performs advanced cyber incident response duties, overseeing post-notification coordination and response to all cyber-related incidents and events.
+ Directs 24x7x365 monitoring operations of Security Information and Event Management (SIEM) and other cyber tools to identify, diagnose, mitigate, and report service interruptions within the JTMS environment.
+ Spearheads resolution efforts, coordinating with internal and external teams to identify root causes, implement strategic solutions, and restore services with minimal impact.
+ Manages stakeholder communications, ensuring clear, timely, and appropriate information dissemination throughout the incident lifecycle.
+ Oversees the production of comprehensive after-action reports, driving continuous improvement in incident response processes.
+ Leads the optimization and implementation of the Incident Response Plan, ensuring all event details are meticulously documented to enhance future response actions.
+ Provides expert analysis of daily ticket reviews, updates, and reports, identifying trends and recommending strategic improvements to enhance overall cybersecurity posture.
Subject Matter Expert/SME:
+ Serves as the ultimate authority on cyber incident response, overseeing and optimizing all aspects of incident management and threat detection.
+ Provides expert guidance on 24x7x365 monitoring operations of SIEM and other cyber tools, ensuring cutting-edge practices for identifying, diagnosing, mitigating, and reporting service interruptions within the JTMS environment.
+ Leads strategic resolution efforts for complex cyber incidents, coordinating with internal and external stakeholders to implement innovative solutions and restore services.
+ Develops and implements advanced communication strategies for incident management, ensuring optimal information flow to all affected parties.
+ Oversees and enhances the production of after-action reports, driving continuous improvement and innovation in incident response processes.
+ Leads the evolution of the Incident Response Plan, incorporating industry best practices and emerging technologies to optimize response actions.
+ Provides high-level analysis and strategic insights based on daily ticket reviews, updates, and reports, identifying trends and opportunities for transformative improvements in cybersecurity operations.
**Qualifications:**
_Required:_
Junior:
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Equivalent combination of education and experience may be considered in lieu of degree)
+ 0-3 years of experience in cybersecurity or related IT field.
+ Must be a US Citizen and clearance eligible, as needed.
+ Strong understanding of cybersecurity principles and best practices.
+ Excellent problem-solving and analytical skills. Ability to work in a fast-paced, 24x7x365 environment.
+ Exceptional communication skills, both written and verbal
Intermediate:
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Equivalent combination of education and experience may be considered in lieu of degree)
+ 3-8 years of experience in cybersecurity incident response and threat detection.
+ Must be a US Citizen and clearance eligible, as needed.
+ Proven track record in handling cyber incidents and coordinating response efforts.
+ Strong knowledge of SIEM tools and other cybersecurity technologies.
+ Excellent problem-solving and analytical skills. Ability to work in a fast-paced, 24x7x365 environment.
+ Outstanding communication skills, both written and verbal
Senior:
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Equivalent combination of education and experience may be considered in lieu of degree)
+ 8-11 years of experience in cybersecurity incident response and threat detection.
+ Must be a US Citizen and clearance eligible, as needed.
+ Proven leadership in managing high-stakes cyber incidents and response teams.
+ Advanced knowledge of SIEM tools and cutting-edge cybersecurity technologies.
+ Exceptional problem-solving, analytical, and strategic thinking skills.
+ Ability to lead and perform in a demanding 24x7x365 environment.
+ Superior communication skills, with the ability to effectively brief executive leadership
Subject Matter Expert/SME:
+ Master's degree in Cybersecurity, Information Technology, Computer Science, or related field (Equivalent combination of education and experience may be considered in lieu of degree)
+ 12+ years of progressive experience in cybersecurity incident response and threat detection.
+ Must be a US Citizen and clearance eligible, as needed.
+ Recognized thought leader in the cybersecurity field with a track record of contributions to industry practices. Comprehensive mastery of SIEM tools, advanced cybersecurity technologies, and emerging trends.
+ Exceptional strategic thinking, problem-solving, and analytical capabilities.
+ Proven ability to lead high-performance teams in a 24x7x365 critical environment.
+ Outstanding communication skills, capable of influencing C-level executives and technical teams alike.
_Desired:_
Junior:
+ Familiarity with SIEM tools and other cybersecurity technologies.
+ Knowledge of incident response methodologies and best practices.
+ Basic understanding of network protocols and common attack vectors.
+ Ability to work effectively in a team environment.
+ Strong attention to detail and ability to maintain accurate documentation
Intermediate:
+ Relevant cybersecurity certifications (e.g., CISSP, CISM, GCIH).
+ Experience with a variety of SIEM tools and cybersecurity technologies.
+ In-depth knowledge of incident response methodologies and industry best practices.
+ Strong understanding of network protocols, common attack vectors, and emerging threats.
+ Experience in mentoring junior team members.
+ Ability to work effectively under pressure and manage multiple priorities
Senior:
+ Master's degree
+ Advanced cybersecurity certifications (e.g., CISSP, CISM, GCIH, GCIA). Extensive experience with a wide range of SIEM tools and advanced cybersecurity technologies.
+ Deep understanding of incident response frameworks, threat intelligence, and industry best practices.
+ Proven ability to lead and mentor incident response teams.
+ Experience in developing and implementing cybersecurity policies and procedures.
+ Strong project management skills and experience in cross-functional leadership
Subject Matter Expert/SME:
+ PhD
+ Elite-level cybersecurity certifications (e.g., CISSP, CISM, GCIH, GCIA, and advanced specialized certifications).
+ Recognized expertise in multiple SIEM platforms and cutting-edge cybersecurity technologies.
+ Proven track record of developing innovative incident response methodologies and threat detection techniques.
+ Experience in shaping organizational and industry-wide cybersecurity policies and standards.
+ Strong background in research and publication in cybersecurity fields.
+ Demonstrated ability to lead cross-functional teams and influence executive decision-making
This position is contingent on funding and may not be filled immediately. However, this position is representative of positions within CACI that are consistently available. Individuals who apply may also be considered for other positions at CACI.
**________________________________________________________________________________________**
**What You Can Expect:**
**A culture of integrity.**
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.
**An environment of trust.**
CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
**A focus on continuous growth.**
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.
**Your potential is limitless.** So is ours.
Learn more about CACI here. (https://careers.caci.com/global/en/life-at-caci)
**________________________________________________________________________________________**
**Pay Range**: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits).
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$68,400-$143,700
_CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic._