Cyber Lead Incident Handler - Military veterans preferred

ManTech


full-time, employee, contract

United States

Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation’s most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.

Become an integral part of a diverse team in the Mission, Cyber and Intelligence Solutions (MCIS) Group. Currently, ManTech is seeking a motivated, mission-oriented Cyber Lead Incident Handler in the McLean, Virginia area, with strong Customer relationships. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

The NIS Division provides mission solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. Our customers have high standards, are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customers' success are driving our growth.

The Cyber Lead Incident Handler on this agency-level Cyber Security support contract performs the following duties:

• Manages a growing team of incident response experts
• Evaluates, proposes, and transforms capabilities, procedures, tactics, and techniques to better execute the IR mission
• Performs actions in response to identified cyber intrusions
• Determines appropriate course of action in response to identified cyber security incidents or anomalous network activity
• Performs advanced analysis to include forensic seizures of hardware, malware triage and dynamic analysis, and determination of the scope of compromise during a cyber incident
• Communicates with stakeholders and leaders to ensure incidents are managed appropriately
• Acts as incident command during small-scale incidents and cyber response subject matter expert during large-scale incidents
• Recommends enterprise protection measures based on incident trends
• Prepares detailed recommendations for network defense improvements to close or mitigate incidents
• Recruits and mentors incident handler talent
• Documents impactful achievements of the team for leadership

Required Experience/Skills:

• Demonstrated experience in cyber incident response/detection or expert network engineering, system administration, or DevOps
• Excellent interpersonal, organizational, writing, communications, and briefing skills
• Strong analytical and problem-solving skills
• Minimum of five years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management
• Panel interview and acceptance by the customer as a KEY team member

Familiarity with the following classes of enterprise cyber defense technologies:
• Security Information and Event Management (SIEM) systems
• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
• Network and Host malware detection and prevention
• Network and Host forensic applications
• Web/Email gateway security technologies
• Experience with Splunk, Windows PowerShell, or similar technologies

Required Certifications:
DOD 8570 IAT Level I or CSSP-A

Required Degree:
BS (bachelor's degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline)

Security Requirements:
TS/SCI with Poly