Computer Forensic & Intrusion Analyst - Military veterans preferred

ManTech (


  full-time   employee

District of Columbia
United States

Where applicable, confirmation that you meet customer requirements for facility access which may include proof of vaccination and/or attestation and testing, unless an accommodation has been approved.

Secure our Nation, Ignite your Future

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement. 

We take National Security seriously. We focus on strategic and unified work to strengthen the security, resiliency, and workforce of the cyber ecosphere. This is your opportunity to join a team that is making an impact on protecting National interests including state, local, tribal and territorial Governments and critical infrastructure.


Currently, ManTech is seeking a motivated, mission and customer-oriented Computer Forensic & Intrusion Analyst to join our team in the Washington D.C. area.  


Responsibilities include but are not limited to: 

  • Perform digital forensic analysis, including network and host based

  • Collect, process, analyze, preserve, and present computer-related evidence in support of cyber incidents, law enforcement, and fraud or counterintelligence

  • Provide advisory network intrusion services in terms of Computer Network Defense analysis supporting active security monitoring missions in the technical domain areas of Internet protocols (i.e., TCPIIP and IPSec)

  • Provide initial event analysis assessing risk and vulnerability implications for agency technologies and customers

  • Identify, evaluate, and recommend new opportunities for active/holistic defense against adversarial activities based on vulnerability information to protect agency networks, devices, and information

  • Discover, characterize, and assess anomalous network and platform activity on various information systems

  • Perform active hunt activities based on current cyber threat intelligence

  • Conduct vulnerability assessments/penetration tests of information systems

  • Perform detailed analysis to reconstruct the series of events that led to a compromise or breach

  • Investigate, develop, and apply statistical methods, counterintelligence, and computer forensic analysis techniques to enhance network security and mitigate malicious threats

  • Advise incident response team of risk mitigation measures and modifications to operational priorities based on Information Assurance (IA) vulnerability information

  • Identify potential areas for deeper dive analysis of threat and vulnerabilities

  • Advise of tools employment to discover new cyber threat actors

  • Assess network topologies to understand data flows through networks and provide mechanisms to tip countermeasures

  • Provide reports detailing adversarial capabilities, exploits, Cyber activity, and vulnerabilities in addition to mitigation techniques and best practices in defeating threats

  • Collaborate team to establish relevant tactics, techniques and procedures for prioritized cyber actors identified in the threat model

  • Collaborate with Government to discuss/resolve technical issues and/or changes in operating scope 


Basic Qualifications: 

  • Bachelor’s degree with 5 or more years of experience in digital forensics and incident response and threat hunt activities  

  • 3 years of experience with commercial/government off-the-shelf and/or Free and Open-Source Software (FOSS) Intrusion Detection Systems and frameworks

  • Possess advanced knowledge across various IT platforms to understand how attacks occur and what residual indicators might result

  • Investigate and advise of innovative solutions to threat-monitoring challenges; validate implementation of enterprise-level networking and security solutions in addressing said challenges

  • Experience with:

  • Digital forensic examinations

  • File system forensics

  • Registry and Internet history analysis

  • Steganography detection and analysis

  • Large data set analysis and target keyword search

  • Forensic tool and script development

  • Metadata extraction and analysis

  • Security Information and Event Management (SIEM) systems

  • Network and host-based Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

  • Network and host-based sensor and firewall technologies

  • Network and host-based malware detection and prevention

  • Network and host-based forensic applications

  • Web/e-mail gateway security technologies 


Preferred Qualifications: 

  • Master’s degree with 5 or more years’ experience in digital forensics and incident response and threat hunt activities  

  • Certification/s like:  Global Information Assurance Certifications (GIAC) of Certified Forensic Examiner, Network Forensic Analyst, Cyber Threat Intelligence, and EnCase Certified Examiner (EnCE)

  • Experience with SAFe Agile Scrum Software Development methodologies with a cross-functional team approach

  • Capable of providing hands-on experience with network security, network analysis, and digital/computer forensics

  • Capable of applying analytical principles and practices, research and technical support in the development and production of a forensics laboratory for CI activities

  • Core Competencies in Computer Forensics, Computer Network Defense, Software Testing and Evaluation, System Administration, and Threat Analysis

  • Identify digital evidence for examination and analysis in such a way as to avoid unintentional alteration 


Clearance Requirements: 

  • Top Secret w/SCI 


Physical Requirements: 

  • Must be able to be in a stationary position more than 50% of the time 

  • Must be able to communicate, converse, and exchange information with peers and senior personnel 

  • Constantly operates a computer and other office productivity machinery, such as a computer 

  • The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations 

The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please click and provide your name and contact information.