CSOS II/Tier 2
Company: CACI
Location: Springfield
Posted on: April 1, 2026
|
|
|
Job Description:
Job Title: CSOS II/Tier 2 Job Category: Information Technology
Time Type: Full time Minimum Clearance Required to Start: TS/SCI
with Polygraph Employee Type: Regular Percentage of Travel
Required: Up to 10% Type of Travel: Local * * * The Opportunity
Provide CSOC Tier 2 services, which is 24x7x365 coordination,
execution, and implementation of all actions required for the
containment, eradication, and recovery measures for events and
incidents. CSOC Tier 2 services includes malware and implant
analysis, and forensic artifact handling and analysis. When a CIRT
is stood up, all contractors in support of CSOC Tier 2 services
will be under the direct control of, and take direction from, the
Government CIRT Commander. While not in a period of incident
response, the Contractor shall conduct continuous exercises and dry
runs to improve response outcomes in the event of a cyber-incident.
Responsibilities • Coordinate and implement tasks, performing
analysis, and building/documenting response activities required
during cyber security incident response, to include but not limited
to actions such as implementing containment measures, IP blocks,
domain blocks, and disabling user accounts on direction of the
Government. • Coordinates with Security and Installations
Directorate (SI) Office of Counterintelligence (SIC), Insider
Threat Office (SIII), in addition to other law enforcement and
counter intelligence personnel as required to perform advanced
investigation and triage of incidents; • Collaborates with
appropriate authorities in the production of security incident
reports; • Categorizes incidents and events; • Coordinates with
other contracts, organizations, activities, and other services as
appropriate to ensure incidents are properly reported, contained,
and eradicated; • Coordinates with other contracts, organizations,
activities, and other services as appropriate to de-conflict blue /
red team activity with open incidents/events; • Documents actions
taken and analysis in the authorized ticketing system to a level of
detail where the actions taken and analysis are capable of being
systematically reconstructed. • Develops and when approved by the
Government generates and updates reports in the Joint Incident
Management System (JIMS), Incident Case Management System (ICMS),
and/or other authorized reporting systems as directed; • Develops,
maintains, sustains, and when properly authorized by the Government
executes custom scripts, tools, and capabilities to collect and
analyze data, and to respond to incidents/events; • Performs
digital media analysis on host, server, and network data as
required to analyze and respond to an incident, to include but not
limited to volatile and non-volatile memory and/or system artifact
collection and analysis; • Develops and identifies indicators of
compromise to send to Cybersecurity stakeholders and other Contract
Services; • Performs malware analysis and signature development; •
Provides input to and coordinates with all applicable stakeholders
to develop and deliver the daily CSOC Significant Activity Report,
the daily CSOC Operations Update, and the Weekly CSOC Status
Qualifications Required • Must be a US Citizen with an Active
TS/SCI to start work, but required to obtain a CI Poly within 6
months. • Typically has a University Degree (BA/BS) or equivalent
experience and minimum 5 years of related work experience • All
Contractor personnel performing CSOC Tier 3 services shall have a
certification that is compliant with DoD 8140.01 and DoD 8570.01-M
IAT Level II and CSSP Analyst Certification. • Ability to work 1 or
more of 5 work shifts - What You Can Expect: A culture of
integrity. At CACI, we place character and innovation at the center
of everything we do. As a valued team member, you’ll be part of a
high-performing group dedicated to our customer’s missions and
driven by a higher purpose – to ensure the safety of our nation. An
environment of trust. CACI values the unique contributions that
every employee brings to our company and our customers - every day.
You’ll have the autonomy to take the time you need through a unique
flexible time off benefit and have access to robust learning
resources to make your ambitions a reality. A focus on continuous
growth. Together, we will advance our nation's most critical
missions, build on our lengthy track record of business success,
and find opportunities to break new ground — in your career and in
our legacy. Pay Range : There are a host of factors that can
influence final salary including, but not limited to, geographic
location, Federal Government contract labor categories and contract
wage rates, relevant prior work experience, specific skills and
competencies, education, and certifications. Our employees value
the flexibility at CACI that allows them to balance quality work
and their personal lives. We offer competitive compensation,
benefits and learning and development opportunities. Our broad and
competitive mix of benefits options is designed to support and
protect employees and their families. At CACI, you will receive
comprehensive benefits such as; healthcare, wellness, financial,
retirement, family support, continuing education, and time off
benefits. The proposed salary range for this position is: $86,600 -
$181,800 CACI is an Equal Opportunity Employer. All qualified
applicants will receive consideration for employment without regard
to race, color, religion, sex, pregnancy, sexual orientation, age,
national origin, disability, status as a protected veteran, or any
other protected characteristic.
Keywords: CACI, Annandale , CSOS II/Tier 2, IT / Software / Systems , Springfield, Virginia
