full-time employee contract
Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We understand that in order to hold this distinct honor, we must provide our employees with the opportunity to break through barriers. We reinvest in our employees through rich educational opportunities such as 100% paid tuition for qualifying Bachelor’s and Master’s degrees, rich training and certification programs allowing our employees to obtain industry best certifications, a variety of Communities of Practice (COPs) where employees can exchange knowledge and much more, along with a vast array of instruction and resources needed for personal and professional development through our very own ManTech University. In addition to those amazing benefits, ManTech also has a fully dedicated Career Mobility team to provide you with guidance and assistance to continue to grow your career with ManTech.
ManTech is seeking a motivated, career and customer oriented Senior Cyber Forensic Analyst to join our team in Chantilly, VA to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech. Responsibilities include, but are not limited to:
· Performs post-mortem analysis of the magnetic media, optical media, and volatile data (memory images) collected from compromised systems.
· Performs cyber incident forensic analysis to include determining scope, urgency, and potential impact; identifies the specific vulnerability exploited and makes recommendations that enable expeditious remediation.
· Performs digital media forensics analysis to include static and dynamic binary analysis, file signature analysis, file system analysis, timeline analysis, hash analysis, etc.
· Performs remote incident handling support such as forensics collections, intrusion correlation tracking, threat analysis and direct system remediation tasks to on-site responders.
· Provides malware analysis to develop incident timelines to include: the dates and times of significant events, command and control domains, and call back addresses; threat objective; and compromised hosts and data.
· Creates indicators of compromise to facilitate detection and prevention of similar attacks.
· Researches new attacks and exploits.
· Provides forensic/malware analysis reporting.
· Contributes to the completion of milestones associated with specific projects.
· Provides solutions to a variety of complex technical problems.
· Minimum Education: B.S. or relevant experience in related field.
· Minimum/General Experience: 5-7 years of related experience.
· Minimum 2 years of experience in a Cybersecurity Operations Center environment
· Experience with COTS technologies used in a Cybersecurity Operations Center environment
· CNDSP-IR (GCIH, CSIH, or CEH) certification
· IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification desired
Demonstrated technical experience:
· Previous experience conducting Forensic examinations of diverse Digital Media.
· Research experience in tracking cyber threat and malware campaign activity.
· Tool agnostic ability to conduct preliminary malware analysis.
· Familiarity with the classes of enterprise cyber defense technologies; SIEM, Network and host-based Intrusion Detection, System/Intrusion Prevention Systems (IDS/IPS).
· Prior experience in network forensics with an emphasis on detecting malicious activity using network traffic.
· Strong understanding of Operating Systems and Network Protocols.
· Experience doing dynamic malware analysis Working knowledge of database and operating system security.
· Understanding of latest security principles, techniques, and protocols.
· Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
· Ability to effectively interact with various levels of senior management is necessary.
· Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.
· Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
· Must possess an active TS/SCI w/ a CI polygraph.