Host Analyst

CACI International Inc.

Nebraska

On-site

USD 80,000 - 110,000

Full time

14 days ago

Job summary

An established industry player is seeking a skilled Host Analyst to join a dedicated team focused on critical cybersecurity missions. This role offers a unique opportunity to specialize in endpoint security and host analysis, contributing to national security efforts. The ideal candidate will have a strong background in system configurations and endpoint security tools, with responsibilities including log analysis, vulnerability assessments, and incident support. Join a collaborative environment that fosters professional growth through mentorship and training programs, making a significant impact in the field of cybersecurity.

Benefits

Lifelong Learning Programs
Mentorship Opportunities
Industry Events Participation
Personalized Development Plans

Qualifications

  • 7+ years of experience in host analysis and endpoint security.
  • Hands-on management of major endpoint security solutions.

Responsibilities

  • Manage and tune enterprise endpoint security solutions.
  • Analyze processes and system services across multiple OS platforms.
  • Support incident response and perform root-cause analysis.

Skills

Endpoint Security Management
Log Analysis & Correlation
Scripting (PowerShell, Python, Bash)
Analytical Skills
Communication Skills

Education

Bachelor's in IT
Bachelor's in Cybersecurity

Tools

Trellix
Crowdstrike
Microsoft Defender
SentinelOne

Job description

Host Analyst

Job Category: Security
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US

CACI is seeking a skilled and analytical Host Analyst to join our team supporting the U.S. Strategic Command (USSTRATCOM) Cybersecurity Service Provider (CSSP). This role aligns with the DoD 8140 Cyber Workforce Framework for Host Analyst (ID: 463) at the Advanced level. The candidate should have deep knowledge of system configurations and perform analysis using endpoint security solutions and system tools. Responsibilities include analyzing system services, configurations, logs, memory, and managing endpoint security tools. Work may involve rotating shifts for 24/7 support.

The Opportunity:

Join a dedicated CACI team focused on critical missions and fostering a positive, collaborative environment. Leadership promotes:

  • Culture: Engaging workplace with gamified cyber concepts, contests, lunch-and-learns, youth programs, and industry events like DEFCON and BSIDES.
  • Training: Emphasis on lifelong learning with robust programs aligned with your career goals and DoD needs, including mentorship and professional development resources.
  • Talent Management: Personalized development plans, cross-training, and internal mobility to keep you challenged and engaged.

This role offers a unique opportunity to specialize in endpoint security and host analysis, contributing to national security.

Responsibilities:

  • Endpoint Security Management: Manage and tune enterprise endpoint security solutions, develop custom signatures/rules.
  • Host-Based Analysis: Analyze processes, system services, memory, and compare system states across Windows, Linux, and Unix.
  • Log Analysis & Correlation: Configure and analyze logs, identify indicators of compromise, and work with SIEM platforms.
  • Forensic Artifact Collection: Capture memory and disk images for analysis.
  • Vulnerability & Compliance Assessment: Analyze configurations for vulnerabilities and compliance with standards like STIGs.
  • Incident Support: Support incident response, perform root-cause analysis, validate security alerts.
  • Reporting & Recommendations: Document findings, provide recommendations, and ensure timely reporting.
  • Stakeholder Collaboration: Work with system administrators and responders to improve security.
  • Additional Duties: Perform other tasks as assigned, possibly including guidance or training roles.

Qualifications:

  • Required Certifications: One of the following: CySA+ CE, (ISC)² SSCP, EC-Council CEH, Microsoft SC-200.
  • Considered Certifications: GIAC GCIA, GCIH, GCWN, GCUX.
  • Education & Experience: Bachelor's in IT, Cybersecurity, or related; 7+ years preferred with relevant experience in host analysis, endpoint security, incident response, or systems admin in security.
  • Mandatory Experience: Hands-on management and analysis of major endpoint security solutions (e.g., Trellix, Crowdstrike, Microsoft Defender, SentinelOne).
  • Additional Skills: Knowledge of Windows/Linux internals, scripting (PowerShell, Python, Bash), networking, analytical skills, and communication skills.
  • Shift & Clearance: Willing to work rotating shifts; active or eligible Top Secret w/ SCI clearance.