CACI International Inc logo
CACI International Inc

Expertise and Technology for National Security

SecOps Analyst

Security OperationsSecurity OperationsFull TimeRemoteSeniorTeam 10,001+Since 1962H1B No SponsorCompany SiteLinkedIn

Location

Illinois

Posted

4 days ago

Salary

$75.2K - $158.1K / year

Seniority

Senior

Bachelor Degree3 yrs expEnglishCloudFirewalls

Job Description

SecOps Analyst

CACI International Inc

• Monitor and analyze security events and alerts using Elastic Security SIEM • Conduct vulnerability scans with Tenable SC and assess cloud workloads via Tenable Cloud Security • Manage and enforce endpoint security policies using Trellix ePO or Microsoft Defender for Endpoint (MDE) • Monitor network security activity across Palo Alto Next-Generation Firewalls • Analyze secure access traffic through Zscaler Private Access and Internet Access • Detect, document, and escalate security incidents following established response procedures • Develop continuous monitoring reports and contribute to security posture dashboards • Track and present security KPIs to program leadership

Job Requirements

  • Active Secret or Top Secret clearance
  • 3–5 years of experience in a security operations or SOC environment
  • Hands-on experience with a SIEM platform (Elastic Security strongly preferred)
  • Working knowledge of vulnerability scanning tools (Tenable SC preferred)
  • Familiarity with network security monitoring and firewall technologies
  • DoD 8140.03M DCWF Basic Tier Certification — one of: CC, GDSA, or GISF
  • DoD 8140 Interim Education Options

Benefits

  • healthcare
  • wellness
  • financial
  • retirement
  • family support
  • continuing education
  • time off benefits

Related Categories

Related Job Pages

More Security Operations Jobs

Forward Deployed Engineer – AI SOC

Thinkahead Consultant Psychologist Pty Ltd

We get to the heart of the matter.....real people......real solutions

Full TimeRemoteTeam 1-10H1B No Sponsor

• Serve as the technical lead for deploying and operationalizing security and AI solutions in customer or enterprise environments • Translate business, operational, and security requirements into deployable architectures and implementation plans • Partner with internal and external stakeholders to ensure solutions are aligned to operational goals, compliance requirements, and long-term platform strategy • Act as a trusted advisor during onboarding, implementation, rollout, and optimization phases • Design and implement integrations across SIEM, XDR, SOAR, case management, data platforms, and AI-enabled tooling • Build and configure cloud-native data ingestion, normalization, and enrichment pipelines for security telemetry • Integrate APIs, webhooks, message queues, and automation workflows across identity, endpoint, cloud, network, and application ecosystems • Develop reusable deployment patterns, templates, and technical assets to accelerate future implementations • Operationalize AI and automation use cases within security workflows, including alert enrichment, triage support, summarization, clustering, playbook selection, and analyst copilots • Work with detection engineering and data teams to support the implementation of behavioral analytics, anomaly detection, risk scoring, and other AI-assisted security use cases • Help define data requirements, feedback loops, and operational guardrails needed to support effective AI outcomes in production environments • Ensure deployed solutions are practical, measurable, and aligned to analyst workflows and response objectives • Implement secure and governed automation for investigation and response use cases across heterogeneous environments • Support resiliency, observability, performance, and scale requirements for deployed solutions • Troubleshoot integration issues, deployment blockers, and production challenges in partnership with platform, cloud, and security teams • Improve reliability and maintainability through documentation, testing, monitoring, and standardized engineering practices • Collaborate across Security Operations, Security Engineering, Detection Engineering, Data Science, Infrastructure, and product or customer teams • Communicate technical concepts clearly to both technical and non-technical stakeholders • Mentor engineers and contribute to best practices for implementation, delivery, and technical solution design • Provide field feedback to influence platform roadmap, product direction, and architectural standards.

United States
$160K - $200K / year
Full TimeRemoteTeam 11-50Since 2004H1B No Sponsor

• Monitor security alerts and events across Box’s environment using SIEM and other detection tools. • Lead and coordinate the end-to-end response to security incidents. • Conduct in-depth forensic analysis of endpoints, logs, and network traffic. • Develop and refine incident response playbooks, runbooks, and procedures. • Collaborate with Engineering, Legal, and Compliance teams. • Identify trends and patterns in security data to proactively surface emerging threats. • Contribute to threat intelligence programs by researching adversary tactics, techniques, and procedures (TTPs).

California
$78.5K - $95K / year
Job Closed
RealTime eClinical Solutions logo

Director of IT – Security Operations

RealTime eClinical Solutions

Better research. Better business. Better outcomes.

Full TimeRemoteTeam 51-200Since 2011H1B No Sponsor

• Owns the security, availability, and compliance of the systems. • Operate and evidence the controls required for SOC 2 Type 2 and HIPAA. • Maintain the risk register and run an annual risk assessment. • Enforce least privilege access across corporate and production systems. • Manage cloud hosting vendors and environment changes. • Monitor the security of corporate and cloud environments. • Manage the team providing technical support to employees. • Design and manage the disaster-recovery and business-continuity process.

Texas
$150K - $160K / year
Asymmetric logo

Security Engineer – Incident Response

Asymmetric

Early stage capital for disruptive technology companies.

Full TimeRemoteTeam 1-10H1B No Sponsor

• Serve as Incident Commander for SIRN-related security cases • Lead incident triage efforts • Coordinate with internal AR teams and external Solana ecosystem stakeholders • Develop, tune, and triage telemetry signals • Identify gaps in current detection coverage • Author, maintain, and continuously improve incident runbooks • Provide operational and logistical support to the SIRN project team • Escalate to AR Engineering and Consulting leads as appropriate

Asia