Host Analyst
| Company | CACI |
|---|---|
| Location | Offutt AFB, NE, USA |
| Salary | $65000 – $136500 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |

Requirements
- Must possess one of the following certifications: CompTIA Cybersecurity Analyst (CySA+) CE, (ISC)² Systems Security Certified Practitioner (SSCP), EC-Council Certified Ethical Hacker (CEH), Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Bachelor’s degree (BS) in Information Technology, Cybersecurity, Computer Science, or a related technical field is required
- A minimum of 7 years of relevant experience is preferred
- Demonstrated hands-on experience managing and analyzing data from one or more major Endpoint Security Solutions such as Trellix/McAfee ePO/ENS, CrowdStrike Falcon, Microsoft Defender for Endpoint (MDE), Windows Sysmon, or SentinelOne
- Must possess an active Top Secret w/ SCI security clearance or be eligible to acquire one
- Must be willing and able to work rotating shifts (days, evenings, nights, weekends, holidays) as required by mission needs.
Responsibilities
- Manage, configure, tune, and monitor enterprise endpoint security solutions (e.g., EDR, HIPS, HIDS, AV)
- Analyze potentially malicious processes, libraries, modules, and system services on Windows, Linux, and Unix systems
- Configure, collect, and analyze host logs to identify indicators of compromise and correlate activity across systems
- Capture forensically sound memory and disk images for analysis or escalation
- Analyze host configurations for vulnerabilities, misconfigurations, and compliance with STIGs and organizational policies
- Provide host-level analysis support during incident response activities
- Document findings, analysis steps, and develop detailed reports on host security status and potential compromises
- Work with system administrators, incident responders, and other stakeholders to investigate findings and implement security improvements
- Perform other related duties as assigned by leadership to meet mission requirements and support USSTRATCOM objectives.
Preferred Qualifications
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Windows Security Administrator (GCWN)
- GIAC Certified UNIX Security Administrator (GCUX)
- Experience working within DoD or Federal government environments and familiarity with DoD cybersecurity policies, STIGs, and frameworks is highly desirable
- Knowledge of DISA HBSS (Host Based Security System) training (Admin 201, Advanced 301, Analyst 501) is helpful
- Proficiency with host analysis tools, scripting languages (e.g., PowerShell, Python, Bash) for automation and analysis, and log analysis techniques.