Full Time Employee Contractor
Become an integral part of a diverse team that leads the world in Mission, Cyber, and Intelligence Solutions. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.
As the IDS Analyst, you will monitor and analyze network traffic, IDS alerts, network and system logs, and available open source information to detect and report threats to customer networks. You will perform CERT/SOC operations to include IDS event monitoring and analysis, security incident handling, incident reporting, and threat analysis. To be successful in this role you should be familiar with common Intrusion Detection Systems, virus and malware behavior, and intrusion methodologies. You will also be responsible for determining appropriate response action(s) required to mitigate risk and provide threat and damage assessment for security threats which may impact the customer networks.
In this role you will also be responsible for the analysis and reporting of cyber threats, as well as for assisting in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions. Additional duties may include providing intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments.
· 1.5+ years hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following: experience in computer intrusion analysis and incident response; intrusion detection; computer network surveillance/monitoring; knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures; experience in computer evidence seizure, computer forensic analysis, and data recovery; and computer network forensics.
· A bachelor's degree in a related discipline is preferred; however, equivalent years of hands-on analysis and reporting experience may be considered in lieu of educational requirements.
· Applicants must be able to work in a team environment. Some travel may be required.
· Previous operational experience in a CIRT, SOC, or CERT environment
· Additional knowledge areas of value include malware analysis, vulnerability assessment, penetration testing, and computer forensics.
· Prior experience with data visualization products such as Analyst Notebook
· Prior experience with ArcSight, NetWitness, and Remedy
Security Requirements: Applicants MUST HAVE an active TOP SECRET security clearance w/ eligibility to obtain SCI access.
Keywords: IDS, intrusion detection, ArcSight, CIRT, SOC, CERT
Hours: Wed thru Sat 9 pm - 7 am