Detection -1st Shift Lead/Watch Office

ManTech (


  Full Time   Employee   Contractor

United States

Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career and customer oriented Cyber Incident Response Watch Officer to join our team in the Herndon area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.

As the Cyber Incident Response Watch Officer, you will lead cyber incident response and administrative activities related to Computer Network Defense (CND) as part of an Intelligence Cyber Incident Response Team (CIRT) 24x7 cyber Watch Center. The candidate will coordinate and collaborate with Intelligence Community (IC) elements to maintain Common Situational Awareness (CSA) of network incidents and events for the community, orchestrate cyber incident response actions and analysis, ensure analytic sufficiency and documentation, and supervise a team of cyber security analysts and incident handlers. As a member of the CIRT contract team, the candidate will be expected to collaborate closely with internal units, Department of Defense (DoD), and other Federal/Civilian entities to ensure successful mission accomplishment with the intention of meeting and exceeding the CIRT's long-term goals.

Responsibilities include, but are not limited to:
• Work an 8-hour shift on the CIRT Watch Floor
• Hours:
o Day Shifts: 6 - 2 pm with core hours, Monday through Friday
o Swing Shifts: 2 – 10 pm with core hours, Monday through Friday
o Night Shifts: 10 – 6 am with core hours, Sunday through Thursday
• As required, brief senior leadership daily on emerging threats, high profile incidents, and upcoming events
• Possess experience leading cyber, technical, or analytical teams
• Conduct cyber intelligence link analysis utilizing open-source and classified research on emerging/trending threats and vulnerabilities
• Collaborate between CIRT elements as necessary during incident detection and response stages
• Respond promptly to all request for support whether telephonic, via e-mail or instant messenger
• Maintain incident case management database for all reported incidents
• Analyze incidents and events captured in the Case Management Database for trends, patterns, or actionable information
• Review incidents and events captured in the Case Management Database after closure for investigative sufficiency and timeliness
• Leverage existing business processes and where necessary define and document new repeatable business processes and procedures
• Establish a baseline understanding of IC-wide network assets and capabilities through community outreach and persistent communication with IC elements
• Research external information on events, incidents, outages, threats, and technical vulnerabilities
• Coordinate and disseminate the best course of action for the enterprise during cybersecurity events, incidents, outages, threats and technical vulnerabilities with partner fusion analysis teams
• Coordinate individual organizational actions to reduce overall shared risk to the information technology environment
• Assess incidents to identify type of attack, estimate impact, and collect evidence
• Recommend range of mitigation actions for decision making at the Action-Officer and Senior Leadership level
• Maintain personnel accountability systems

Position Requirements:
• Bachelor’s degree in Computer Science, Information Assurance, Computer Security, or equivalent with 3-5 years watch operations experience
• Have demonstrated leadership qualities
• Be an expert in information security incident handling
• Experience with Cyber Intelligence Analysis or Intelligence Analysis
• Possess excellent technical written and verbal communication skills
• Must be 8570 compliant
o Desired certifications include Security+, CISSP or equivalent, CEH or equivalent

Security Requirements:
• Must possess a TS/SCI clearance with POLY.


To apply for this job, contact:
Human Resources

Save This Job

Email This Job to a Friend