Secure our Nation, Ignite your Future
ManTech’s Global Information Grid (GIG) Service Management-Operations (GSM-O) Program has an opening for a Cybersecurity Fusion Analyst supporting JFHQ-DODIN at Ft. Meade, MD.
The selected candidate shall execute in real time, in accordance with mission requirements, incident handling, triage of events, network analysis and threat detection, trend analysis, metric development, vulnerability information dissemination, and the DoD CNDSP methodology.
· Leverage intelligence and operational data, information and processes to identify threats, improve security, and reduce the enterprise’s exposure of vulnerabilities.
· Support various collaborative and cross functional (Intelligence, Current Operations, Future Operations, Logistics, Planning, Resourcing and Requirements) forums to achieve centrally coordinated, threat informed and prioritized vulnerability scoring and mitigation methodology.
· Support the development of Cyber Fusion Standard, Cyber Fusion Framework and Methodology based on industry best practice and department of defense instruction, guidance, and policy.
· Perform threat informed analysis by leveraging serialized reporting, intelligence product sharing, OSINT, and open source vulnerability information to ensure prioritized plans are developed.
· Analyze and document malicious cyber actors TTPs, providing recommendations and alignment to vulnerabilities and applicability to the enterprise operational environment.
· Discover adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data; investigate to identify or rule out system compromises, provide written analytic summaries and attack life cycle visualizations.
· Provide threat analysis, track relevant prioritized incidents and provide recommended reporting requirements in coordination with JDOC.
· Provide risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities.
· Recommend adjustment of countermeasures, enterprise or tactical, to account for threats impacting the DODIN.
· Recommend adjustment of prioritized enterprise focused analysis based on immediate threat identified based on intelligence and other analysis performed.
· Bachelor's degree in a related discipline with 8 to 12 years of applicable combined education and experience; additional related years of experience is accepted in lieu of a degree.
· Active DoD TS/SCI clearance and eligible for C/I Polygraph
· IAM Level II & III, CSSP Analyst, (Security +, CySA+, GICSP, GSEC, CND, CISSP, CASP+, GCIA, GCIH, GCFA, CEH), GIAC Certification, Cloud Security Architecture
and Operations Familiarity with all related aspects of cybersecurity operations/analysis (e.g. incident response & management, forensic media analysis, malware analysis/reverse-engineering, cyber threat intelligence analysis, etc.) and security architecture & engineering.
· In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies (TTPs).
· Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs)
· Experience with DISA and DoD Networks.
· Skilled in building extended cyber security analytics.
· Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership.
· Experience in intelligence driven defense and/or cyber Kill Chain methodology.
Security Clearance Requirement:
TOP SECRET with SCI Eligibility in JPAS and eligible for C/I Polygraph. Must be a U.S. Citizen
Hours: 40 hrs/week; Standard Monday to Friday day shift.
Location: Ft. Meade, MD
Contract: The GSM-O 7-year contract is fully funded. Our GSM-O II re-compete award was announced and is valid for an additional 10 years.
POC: If interested, please apply to this position online/upload your resume and also directly contact our DISA GSM-O Recruiting Lead, Ben Sheppard, firstname.lastname@example.org, 717-491-8346 (please send copy of your resume and certifications).
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click email@example.com and provide your name and contact information.