remote type
Hybrid Working
locations
USA-SC-Columbia
USA-DC-Washington
Full time
R42720
Secure our Nation, Ignite your Future
Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career, and customer-oriented Senior Cyber Threat Analyst (CTA) to join our SOC Cybersecurity team and provide unparalleled support to a federal customer and begin an exciting and rewarding career within ManTech.
Responsibilities include, but are not limited to:
Provide cyber threat intelligence, correlation, and response; includes amassing information from various security systems such as SIEM, SOAR, UBA, IDS/IPS, EDR as well as other information and data sources such as CTI feeds/sources and OSINT.
Conduct in-depth research and analysis; responsible for identification of threat tactics, methodologies as well as evaluating threat critical capabilities, requirements, and vulnerabilities.
Also responsible for documenting and correlating digital information, such as, threat data (Victim/Source Internet Protocol (IP) addresses, Uniform Resource Locators (URL), malicious software), actor contacts or personal data, system logs, obtained from single or multiple sources and develop correlation associations. Analyze cyber intrusion activities and make recommendations for the customer to collect, monitor, counteract, or mitigate the threat. Analyze leading-edge technologies and make recommendations on analytical procedures for customer to address cyber threats and vulnerabilities targeting U.S. national interests.
Monitor and report on any new or changes in threat dispositions, TTPs, cyber operations warnings, etc.
Develop and provide timely, fused, all-source cyber operations intelligence, analysis and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
Provide analysis of threat intelligence data and log files to recover malicious activity, indicators, signatures, commands/passwords; as well as identify software programs used, identify communication recipients, and identify number of users on victim systems.
Create, analyze and report on intelligence-derived significant network events and intrusions.
Report on underlying patterns of behavior by conducting detailed analysis of incidents, threats and risks and associated impacts and consequences, vulnerabilities, tactics, techniques, and procedures (TTP), and other malicious and non-malicious indicators.
Provide intelligence and situational awareness briefings to customer and cyber operations.
Ability to produce quality finished intelligence products for short deadlines, as well as continuing to maintain analysis for and report on long term strategic assessments.
Basic Qualifications:
One or more of the following certification: Certified Network Defender (CND), Certified Threat Intelligence Analyst (CTIA), NCCS- Certified Threat Intelligence Analyst (NICCS-CCTIA), Global Information Assurance Certification (GIAC) or MAND Certified Threat Intelligence Analyst (MAND-CTIA) -OR- equivalent certification
A minimum of (4) four years of experience in a related security technology or discipline, such as: Cyber Intelligence, Incident Response & Monitoring, Cybersecurity Operations, and Cybersecurity Engineering
A minimum of (2) two years of experience performing Cyber Intelligence functions
Knowledge of advanced cyber threats, threat vectors, attacker methodology to include, tools, tactics, and procedures and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model etc.
Hands-on experience with Splunk ES, CrowdStrike EDR, and Trellix ENS to identify, isolate, and detect threats.
Possess excellent and effective verbal and written communication skills and the ability to produce activity- and national-level intelligence products and provide executive level and detailed level briefs to the customer and its organization.
Preferred Qualifications:
A bachelor’s of science (B.S.) degree
Ability to handle stress and work well under pressure and deal with ambiguity.
Ability to use MS Office, SIEM tools, Analytical and Critical Thinking Skills, Interpersonal and People Skills, Organizational and Management Skills, and can speak in front of customers, teams, etc.
Ability to effectively interact with various levels of senior management is necessary
Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solutions or practices
Ability to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities
Security Clearance Requirements:
Must be a U.S. citizen
Must hold a current Top-Secret clearance
Physical Requirements:
Must be able to remain in a stationary position 50%.
Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
Often positions self to maintain computers in the lab, including under the desks and in the server closet.
Frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
May be asked to move Audio/Visual or Computer equipment weighing up to 50 pounds across and/or around a business campus or large facility.
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech’s Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer – minorities, females, disabled and protected veterans are urged to apply. ManTech’s utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click ca*****@ma*****.com and provide your name and contact information.
ManTech / Equal Opportunity Employer / JBMAN-R42720
JBMAN
Secret, CLZSS, SKINT, SKCYB, JBMAN SKUUU, USA-SC-Columbia USA-SC-Columbia ZC
