Secure our Nation, Ignite your Future
Computer Network Defense Intrusion Analyst
The successful candidate will work with multiple components in support of the subscribers of the Defense Information Systems Agency (DISA) Computer Network Defense Service Provider (CND-SP) and other supported components. The candidate will interact with members of intrusion analysis, incident response, vulnerability assessment, external assessment, and cyber threat analysis teams to support the capabilities of the organization and provide effective services to its subscribers.
Specific duties include:
- First-level/follow-on intrusion incident analysis
- Incident, event, and mission impact determination/escalation/prioritization
- Data entry into incident management and tracking database
- Coordination of incident and event feedback to customers
- Customer Support Desk operations
- Support IA Ops reviews, assessments, exercises, and operations surges
- Incident-event-network outage correlation
- Anti-virus software support – Assist with download, setup and configuration errors
- Coordination between Theater CND teams, other Computer Emergency Response Teams (CERT), Global, Joint or Theater Command and Control Centers, and Service Theater CERTs
• Education: Bachelor's degree in a computer science, electrical engineering, or similarly related technical discipline + 5 years of experience in a technical environment, or Master’s Degree + 2 years’ experience, or relevant certification + 10 years’ experience, two years of which shall be with an accredited Computer Network Defense Service Provider or equivalent.
• Licenses/Certification: DOD 8570.01M CND Analyst or CND Incident Responder (Security+CE minimum to start). Certified Ethical Hacker (CEH) will be required within 4 months of start date
• Candidate must have an active TS clearance (or TS/SCI). Will be processed for TS/SCI.
• Knowledge of security concepts, protocols (TCP/IP, HTTP, etc.), well-known ports (DNS, SMTP, FTP, LDAP, etc.), processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc.)
• Experience with analyzing network traffic for suspicious and malicious activity using tools such as Wireshark (or equivalent) for packet capture analysis and the Carnegie-Mellon SiLK suite for flow data analysis
• Experience with incident/event correlation tools such as ArcSight
• Scripting Language (one or more of the following): Perl/Python/BASH
• Current knowledge of CYBERCOM CNDSP policies and procedures
• Knowledge of Snort intrusion detection signatures
Hours: 40 hrs/week; Shift work with ability to work on a schedule that may include nights, weekends, and holidays.
Location: Scott AFB, IL (O'Fallon, IL)
Contract: The GSM-O 7-year contract is fully funded. Our GSM-O II re-compete award was announced and is valid for an additional 10 years.
POC: If interested, please apply to this position online/upload your resume and also directly contact our DISA GSM-O Recruiting Lead, Tom Stack, , 410-272-8989 (please send copy of your resume and certifications).
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click email@example.com and provide your name and contact information.