Counter-Insider Threat Lead - Military veterans preferred

ManTech (


  full-time   employee

Fort Belvoir
United States

Where applicable, confirmation that you meet customer requirements for facility access which may include proof of vaccination and/or attestation and testing, unless an accommodation has been approved.

Secure our Nation, Ignite your Future


Responsibilities include, but are not limited to:

The Counter-Insider Threat (CInT) Area Lead provides technical leadership, direction, and management to the contract workforce managing the full range of insider threat identification, investigation, mitigation, and closure for a mid-sized Defense Agency (10,000+ personnel) with support and assistance from national and intra-organizational partners. Staff experienced in risk management will support the execution and refinement of processes, procedures, and analysis of data feeds to identify indicators of potential insider threats. Personnel triage and prioritize potential insider threats via a case management process, and work with Government and contractor colleagues to implement appropriate risk mitigations.

Your leadership will support execution of the MDA Insider Threat Program IAW DoD Directive 5205.16, MDA Directive 5205.07, Presidential Memorandum, “National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Program,” other issuances, and SOPs. You shall assist in the horizontal review and analysis of data feeds from various MDA components, and outside sources to identify potential insider threat behaviors and indicators, and report those finding to the Insider Threat Program Manager; providing interdisciplinary subject matter expertise including, but not limited to investigations, security, counterintelligence (CI), cybersecurity, data analytics, and psychology, to aid in the identification of insiders who may present a risk to the Agency and its mission. All personnel directly supporting the Insider Threat Mitigation Cell will be required to successfully pass initial and periodic Counterintelligence Scope Polygraph examinations with no deception indicated.

  • Assist in developing, maintaining, and evolving an automated capability to data mine and analyze large volumes of data to identify potential insider threat behaviors, indicators or concerns.
  • Assist in inter-/intra-organizational communication and coordination with the Defense Insider Threat Management and Analysis Center (DITMAC); OUSD(I), National Insider Threat Task Force; and, MDA organizations executing Human Resources, Legal, Security, CI, CIO, Internal Review and Equal Employment Opportunity functions.
  • Develop and maintain an insider threat triggers and behavioral indicators list to facilitate timely analysis of data feeds.
  • Gather, integrate, review, analyze, and respond to information derived from CI, Security, CIO, HR, Law Enforcement, User Activity Monitoring, and other information sources to identify potential insider threat concerns. Develop and deliver Anomalous Activity Reports to the ITPM when the analysis of collected information identifies a potential insider threat.
  • Prepare an annual Counter-Insider Threat self-assessment reports and information papers, including recommendations to mitigate threats to potential insider threat concerns; prepare and maintain insider threat reports, case files, and database entries.
  • Update and maintain the MDA Insider Threat SharePoint.
  • Assist in developing and presenting Insider Threat awareness products.
  • Assist in the development and execution of bi-weekly Insider Threat Case Management Council meetings.
  • Support the Contract Program Manager with managerial and business aspects relevant to the SOW CInT requirements

Basic Qualifications:

  • BA/BS in related field such as criminal justice, intelligence or security studies required
  • Excellent written and oral communication skills
  • Must have 15 years of Project Management experience, five of which must involve overseeing CInT tasks and functions
  • Proficiency with Security Information and Event Management Software
  • Able to conduct web-based research and analysis, familiarity with Security Incident & Event Management (SIEM) Software (e.g., Splunk)
  • Must be proficient in standards, principles, practices, and processes related to CInT support for Defense or Intelligence Agencies
  • Must have, or be able to obtain, Counter-Insider Threat Professional Fundamentals and Analysis (CCITP-F and CCITP-A) certification within six months of hire
  • Must have previously taken, or be signed up to take, National Insider Threat Hub Operations Course within six months of hire

Preferred Qualifications:

  • CI trained and certified to Under Secretary of Defense/Intelligence (USD/I) approved standards pursuant to DoD Directive 5240.02
  • Experience with User Activity Monitoring desired

Security Clearance Requirements:

  • TS with SCI eligibility and CI Poly required  

Physical Requirements:

  • Sedentary


For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please click and provide your name and contact information.