Principal Cyber Security Analyst

8/20/17
ManTech (www.mantech.com)
Other

/yr

  Full Time   Employee   Contractor


Arlington
Virginia
United States

Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you ll help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career and customer oriented Principal Cyber Security Analyst to join our team in the Arlington, VA area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.

Responsibilities include, but are not limited to:

As a Cyber Security Analyst, the tasks will include analyzing all relevant cyber security event data and other data sources for attack indicators and potential security breaches; produce reports, assist in coordination during incidents; and coordinate with the O&M team to maintain all security monitoring systems are on-line, up to date, and fully operational. Position is responsible for engineering new and maintaining current IT toolsets relevant to the environment.

Job Requirements:

. Position Requires 7-9 years experience in cyber security analysis, incident response, or related IA/Security experience.
. Possess Computer Information Systems Security Professional (CISSP) Certification
. Extensive knowledge and/or experience protecting network environments against insider threat.
. Experience working with Splunk Analytics tool.
. Knowledge of Cisco ISE, Stealthwatch, SourceFire and AMP
. Position Requires 7-9 years experience in cyber security analysis, incident response, or related IA/Security experience.

Responsibilities Include:

. Monitor intrusion detection and prevention systems and other security event data sources.
. Determine if security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures.
. Ability to problem solve, ask questions, and discover why things are happening.
. Correlate data from intrusion detection and prevention systems with data from other sources
. Develop and produce reports on all activities and incidents to help maintain day to day status, develop and report on trends, and provide focus and situational awareness on all issues.
. Reporting outputs will be reviewed and approved to ensure quality and metrics are maintained.
. Responsible for tuning and filtering of events and information, creating custom views and content using all available tools following an approved methodology and with approval and concurrence from management.
. Notify the Customer of significant changes in the security threat against the Customer networks in a timely manner and in writing via established reporting methods.
. Coordinate with the O&M team to ensure production systems are operating efficiently.
. Produce daily/weekly/monthly/quarterly reporting as required by management.
. Maintain system baselines and configuration management items, including security event monitoring "policies" in a manner determined and agreed to by management. Ensure changes are made using an approval process agreed to in advance.
. Produce reports identifying significant or suspicious security events to appropriate parties. Include latest security threat information and tie back to specific intrusion sets of nation state actors when possible.
. Review and evaluate network modifications and recommend security monitoring policy updates.
. Establish procedures for handling each security event detected.
. Identify misuse, malware, or unauthorized activity on monitored networks. Report the activity appropriately as determined by the customer.
. Provide analytical support as needed for the overall projects and systems by working with engineers, O&M, and other personnel to ensure effective operations of all capabilities, piloting of new systems, and periodic updates to systems.
. Strong analytical and problem solving skills.
. Good interpersonal, organizational, writing, communications and briefing skills.

Education Requirements:

Bachelor's Degree in computer engineering, computer science, or other closely related IT discipline or Equivalent and 7-9 years of related experience.

Must possess Computer Information Systems Security Professional (CISSP) certification

Security Requirements:

U.S. Citizenship and an Active Top Secret Clearance with SCI Eligibility

Advertisement

 

Save This Job

Email This Job to a Friend