Cyber Detection Analyst (Third Shift) - Military veterans preferred

Entering ManTech’s 50th year,we hold the distinct honor of being named a “Top 100 Global Technology Company”by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation’s most important customers: U.S.Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection&analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.

Become an integral part of a diverse team in the Mission, Cyber and Intelligence Solutions (MCIS) Group. Currently,ManTech is seeking a motivated, mission-oriented, Cyber Detection Analyst to support in the McLean, VA area, with strong Customer relationships. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

The NIS Division provides mission solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. Our customers have high standards,are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customer’s success is driving our growth

This McLean based position will be fixed shift, 4 days per week (9 p.m. - 7 a.m.) and will hone your cyber skills with the latest technologies to take your career to a whole new level.


Job Responsibility:

• Identify misuse, malware, or unauthorized activity on monitored networks.
• Analyze all relevant cyber security event data and other data sources for attack indicators and potential security breaches.
• Assist in coordination during incidents.
• Identify intrusions utilizing various detection and prevention systems and other security event data sources on 24x7x365 basis.
• Analyze intrusion related data to determine root cause and identify follow on activity while coordinating with Incident Handlers, Hunters, and various partners.
• Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs, to include netflow, metadata, and pcap analysis.
• Contributes in tuning and filtering of events and information, creating custom views and content using all available tools.
• Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event.
• Contribute to the development of playbooks and procedures for handling each security event detected.

Required Experience/Skills:

• Excellent interpersonal, organizational, writing, communications, and briefing skills.
• Strong analytical and problem solving skills.
• Minimum of three years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management.

Required Qualifications:

• Requires Bachelor's degree or equivalent and seven to nine years of related experience. Minimum of three years experience in technology/tools specific to the target platforms.

Required Tools:

• Familiarity with the following classes of enterprise cyber defense technologies:
• Security Information and Event Management (SIEM) systems.
• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
• Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
• Network and Host malware detection, prevention and Host forensic applications.
• Web/Email gateway security technologies.

Required Certifications:

• DOD 8570 IAT Level I or CSSP-A.

Security Clearance Requirements: Active TS/SCI with Poly