Advanced Cyber Forensic Analyst - Military veterans preferred

Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career and customer oriented Advanced Cyber Forensic Analyst to join our team in Huntsville, AL to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.

A qualified candidate will be responsible for the following duties and responsibilities, but are not limited to:

•Conduct activities to deter unauthorized persons from obtaining sensitive or classified information from networks and information technology (IT) devices.
•Conduct digital forensic examinations in support of potential CI incidents, cyber incidents, and suspected intrusions to determine FIE involvement pursuant to DoD Instruction O-5240.21 and support to security incidents to determine the presence of classified or sensitive information on digital media. Will assist with the preparation of the cyber forensic laboratory reports.
•Conduct analysis of information technology auditing and monitoring logs provided by the customer to detect and identify CI insider threat indicators pursuant Enclosure 3, DoD Instruction S- 5240.23. Will notify the customer’s Computer Incident Response Team of Computer Network Defense issues and concerns.
•Conduct cyber activities in support of flight test events, conferences, and off-site meetings, or other activities, to detect unauthorized WiFi connections and potential FIE activities targeting (IT) networks or devices.
•Conduct Cyber Threat Awareness training pursuant to DoD Instruction 5240.26. A candidate will develop and publish cyber threat awareness bulletins and pamphlets and conduct periodic briefings to increase workforce awareness of cyber threats and associated mitigation strategies or remedies.
•Become the operational liaison, attend working groups and other cyber threat related meetings with national and DoD cyber intelligence threat communities to maintain awareness of current and emerging FIE cyber threats targeting the networks. Submit liaison contact reports and meeting notes to the customer. In addition, a qualified candidate will assist in developing procedures and proactive initiatives to detect, identify, and mitigate FIE activities targeting administrative and fire control networks.
•Expand the existing Cyber and CI Research Network infrastructure to facilitate remote access from any physical EIX location pursuant to Enclosure 3, DoD Instruction S-5240.23.
•Assist in the management and operation of the CI Cyber Lab. Maintain the schedule for use of the Cyber Lab which includes coordinating technical and analytic tasks within the Cyber Lab; maintain Cyber Lab Standard Operating Procedure.
•Assist in management and operation of the Joint Cyber Collaboration Center. Participate in advanced analysis, discussions, and decision recommendations with CERT, Insider Threat, and EIX leadership to determine proper courses of action based on active and past cyber anomalies.
•Implement a professional cyber education path to ensure that as a minimum, certified cyber forensics specialists performing forensic laboratory support tasks attend the following training courses: SANS Institute’s Course FOR610, Reverse Engineering Malware Tools and Techniques; FOR526, Memory Forensics In-depth; Cyber Security and Forensics Analysis; FOR408 Windows Forensic Analysis; Encase On-demand Computer Forensics; Cisco Entry-Level Technician; Cellebrite Mobile Forensics Fundamentals; Certified Logical Operator; Physical Analyst; and Mobile Examiner.

Candidates are expected to bring expert-level knowledge in Computer Forensics in some or all of the subject areas below:

Forensic examinations of diverse Digital Media to include:
•Digital forensic examinations.
•File system forensics.
•Advanced registry and Internet history analysis.
•Steganography detection and analysis.
•Large data set analysis and Target Keyword search.
•Forensic tool and script development.
•Metadata extraction and analysis.

Familiarity with the following classes of enterprise cyber defense technologies:
•Security Information and Event Management (SIEM) systems.
•Network and host-based Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
•Network and host-based sensor and firewall technologies.
•Network and host-based malware detection and prevention.
•Network and host-based forensic applications.
•Web/e-mail gateway security technologies.

Network forensics and analysis:
•Generating forensic reports of interest to customers.
•Coordinate, develop and promulgate forensic and technical collection standards for the customer.
•Provide technical support for federated partners, internal customer, and deployed platforms.
•Provide global (deployable) technical collection response capabilities, as required.
•Plan, integrate and execute full-spectrum technical collection plans, exercises, training and operations as required.

Security Clearance Requirement:
Active/current TS/SCI clearance is required.