Senior Cyber Incident Responder
Company: CACI
Location: Saint Louis
Posted on: April 1, 2026
|
|
|
Job Description:
Job Title: Senior Cyber Incident Responder Job Category:
Information Technology Time Type: Full time Minimum Clearance
Required to Start: TS/SCI Employee Type: Regular Percentage of
Travel Required: Up to 10% Type of Travel: Local * * * The
Opportunity: The candidate shall provide Incident Response within a
24/7/365 SOC. The candidate will be responsible for coordination,
execution, and implementation of all actions required for the
containment, eradication, and recovery measures for events and
incidents. This includes malware analysis, forensic artifact
handling and analysis. In addition, while not in a period of
incident response, the role requires participation in continuous
exercises and dry runs to improve overall process improvement.
Responsibilities: Coordinate and execute tasks, performing
analysis, and building/documenting response activities required
during cyber security incident response, to include but not limited
to actions such as implementing containment measures, IP blocks,
domain blocks, and disabling user accounts on direction of the
Government. Coordinates with other stakeholders as appropriate to
ensure incidents are properly reported, contained, and eradicated.
Coordinates with other contracts, organizations, activities, and
services to ensure NGA recovers from an incident/event. Builds
timelines, documents, briefings, and other products as required to
inform stakeholders of incident response actions, analysis, and the
impact of both adversary activity and blue force response actions.
Documents actions taken and analysis in the authorized ticketing
system to a level of detail where the actions taken and analysis
are capable of being systematically reconstructed. Serve as C-IRT
members as required and serve under the direct control of, and take
direction from, the Government C-IRT Commander. Develops,
documents, and provides to the Government incident investigation
reports which include sufficient information to document the entire
lifecycle of the incident and the response, including but not
limited to adversary and friendly forces activity, host and network
analysis, timelines, and recommendations for corrective actions,
recommendations for new Tactics, Techniques, and Procedures (TTP)
and other recommendations as appropriate, within 30 days of C-IRT
stand-down; Conduct Quality Control reviews of tickets worked by
more junior analysts to ensure proper analysis, categorization,
documentation, and notification. Qualifications: Required:
Candidate must have a TS/SCI with ability to obtain a Polygraph
Demonstrated experience serving in an incident response role, or
similar, for a minimum of 4 years. Sufficient knowledge of complex
enterprise cybersecurity systems and technologies with the ability
to interpret network and web architecture documentation.
Demonstrated experience providing briefings to an executive
audience. Certified DoD 8140.01 and 8570.01-M Information Assurance
Technical Officer (IAT) Level III Certified DoD 8140.01 and
8570.01-M CSSP Incident Responder Excellent verbal and writing
skills with the ability to write clear and concise assessment
reports. Good understanding of adversarial tactics and techniques
as it applies to defensive cyber operations. Strong understanding
of both network and host-based tactics. Good understanding of web
application exploitation techniques. Strong understanding of the
attack lifecycle. Good understanding of defense evasion techniques.
Bachelor’s degree, or higher, in Computer Science, Cyber Security
Engineering or IT-related discipline. With an additional 8 years of
experience in the cybersecurity field. Additional years of
experience may be substituted in lieu of degree. Desired:
Demonstrated 6 or more years of experience supporting an IC or DoD
agency with an understanding of Defensive Cyber Operations in cloud
environments, including hybrid multi-cloud environments. Proficient
in vendor agnostic cloud security concepts Strong understanding
with the Intelligence Lifecycle and how it applies to Cyber Threat
Intelligence reporting. - What You Can Expect: A culture of
integrity. At CACI, we place character and innovation at the center
of everything we do. As a valued team member, you’ll be part of a
high-performing group dedicated to our customer’s missions and
driven by a higher purpose – to ensure the safety of our nation. An
environment of trust. CACI values the unique contributions that
every employee brings to our company and our customers - every day.
You’ll have the autonomy to take the time you need through a unique
flexible time off benefit and have access to robust learning
resources to make your ambitions a reality. A focus on continuous
growth. Together, we will advance our nation's most critical
missions, build on our lengthy track record of business success,
and find opportunities to break new ground — in your career and in
our legacy. Pay Range : There are a host of factors that can
influence final salary including, but not limited to, geographic
location, Federal Government contract labor categories and contract
wage rates, relevant prior work experience, specific skills and
competencies, education, and certifications. Our employees value
the flexibility at CACI that allows them to balance quality work
and their personal lives. We offer competitive compensation,
benefits and learning and development opportunities. Our broad and
competitive mix of benefits options is designed to support and
protect employees and their families. At CACI, you will receive
comprehensive benefits such as; healthcare, wellness, financial,
retirement, family support, continuing education, and time off
benefits. The proposed salary range for this position is:
$90,300-$189,600 CACI is an Equal Opportunity Employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, pregnancy, sexual
orientation, age, national origin, disability, status as a
protected veteran, or any other protected characteristic.
Keywords: CACI, O'Fallon , Senior Cyber Incident Responder, IT / Software / Systems , Saint Louis, Missouri
