Senior Intrusion Detection Analyst - Shift Lead

8/26/16
ManTech (www.mantech.com)

  Full Time   Employee   Contractor


McLean
Virginia
United States

Become an integral part of a diverse team that leads the world in Mission, Cyber, and Intelligence Solutions. At ManTech International Corporation, you will help protect our national security while
working on innovative projects that offer opportunities for advancement.
As an Intrusion Detection Analyst Lead, your duties will include analyzing all relevant cyber security event data and other data sources for attack indicators and potential security breaches; producing reports;
assisting in coordination during incidents; and coordinating with the O&M team to ensure all security monitoring systems are on-line, up to date, and fully operational. This task references analytical
responsibilities for all systems and/or projects within CIRT, including all existing and future network and host-based protection. As the Shift Lead, your duties will include managing and mentoring a group
of highly experienced IDS Analysts.

Responsibilities Include:
• Monitor intrusion detection and prevention systems and other security event data sources on a 24x7x365 basis. Determine if security events monitored should be escalated to incidents and follow all
applicable incident response and reporting processes and procedures.
• Ability to problem solve, ask questions, and discover why things are happening.
• Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs.
• Analysts are responsible for tuning and filtering of events and information, and for creating custom views and content using all available tools, following an approved methodology and with approval or
concurrence from Staff management.
• Provide support for the Government CIRT Hotline and appropriately document each call in an existing tracking database for this purpose.
• Coordinate with the O&M team to ensure production CIRT systems are operational.
• Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event.
• Establish procedures for handling each security event detected.
• Analysts should all be able to create custom content and develop new use cases to better correlate security event information.
• Develop and utilize “Case Management” processes for incident and resolution tracking. The processes should also be used for historic recording of all anomalous or suspicious activity. Currently,
the processes in place use the JIRA tool.
• Identify misuse, malware, or unauthorized activity on monitored networks. Report the activity appropriately as determined by CIRT Management.
• Maintain proficiency and skills through relevant training, on-the-job training and self-study.
• Answer the Government CIRT Hotline and appropriately document each call in an existing tracking database for this purpose.
• Monitoring and responding to the CIRT e-mail addresses.
• Monitor, document and respond to centrally collected virus data.
• Supervising and training assigned personnel

REQUIRED Qualifications:
• A Bachelor’s Degree in computer engineering, computer science, or other closely related IT discipline.
• Strong analytical and problem solving skills.
• Minimum of three years of progressively responsible experience in cyber security analysis, incident response, or related experience.
• Good interpersonal, organizational, writing, communications and briefing skills.
• 8570 compliant IAT Level I Certification or CND-A
Clearance Required: TS/SCI with Poly

SHIFT: Swing (Monday-Friday) 2 PM - 10 PM

To apply for this job, contact:
Human Resources
