Computer Network Defense Intrusion Analyst - Military veterans preferred

ManTech (


  full-time   employee

Scott Afb
United States

Where applicable, confirmation that you meet customer requirements for facility access which may include proof of vaccination and/or attestation and testing, unless an accommodation has been approved.

Secure our Nation, Ignite your Future

All ManTech employees will need to meet the requirements set forth in Executive Order 14042 and the Safer Federal Workforce Task Force Guidance requiring all covered contractor personnel to be fully vaccinated against COVID-19.

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first.  At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career and customer-oriented Computer Network Defense Intrusion Analyst to join our team at Scott AFB (O'Fallon, IL) or Hill AFB (Odgen, UT).

We support the Defense Information Systems Agency’s (DISA) cyber operations with positions at Hill AFB, UT and Scott AFB, IL. We support this critical mission providing a globally accessible enterprise information infrastructure directly supporting joint warfighters and national level leaders across the full spectrum of military operations.

Responsibilities include, but are not limited to:?

  • Working with multiple components in support of the subscribers of the Defense Information Systems Agency (DISA) Computer Network Defense Service Provider (CND-SP) and other supported components.

  • Interacting with members of intrusion analysis, incident response, vulnerability assessment, external assessment, and cyber threat analysis teams to support the capabilities of the organization and provide effective services to its subscribers.  

  • Acting as First-level/follow-on intrusion incident analysis.

  • Handling incident, event, and mission impact determination/escalation/prioritization

  • Data entry into incident management and tracking database.

  • Coordination of incident and event feedback to customers.

  • Customer Support Desk operations.

  • Supporting IA Ops reviews, assessments, exercises, and operations surges.

  • Incident-event-network outage correlation.

  • Anti-virus software support – Assisting with download, setup and configuration errors.

  • Coordinating between Theater CND teams, other Computer Emergency.

  • Working with Response Teams (CERT), Global, Joint or Theater Command and Control Centers, and Service Theater CERTs.

Basic Qualifications:

  • DoD 8570 IAT Level II (Security+ CE or equivalent).

  • Certified Ethical Hacker (CEH) will be required within 4 months of start date.

  • Bachelor's degree in a computer science, electrical engineering, or similarly related technical discipline + 5 years of experience in a technical environment, or Master’s Degree + 2 years’ experience, or relevant certification + 10 years’ experience, two years of which shall be with an accredited Computer Network Defense Service Provider or equivalent.

  • Knowledge of security concepts, protocols (TCP/IP, HTTP, etc.), well-known ports (DNS, SMTP, FTP, LDAP, etc.), processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc.).

  • Experience with analyzing network traffic for suspicious and malicious activity using tools such as Wireshark (or equivalent) for packet capture analysis and the Carnegie-Mellon SiLK suite for flow data analysis.

  • Experience with incident/event correlation tools such as ArcSight.

Preferred Qualifications:

  • Scripting Language (one or more of the following): Perl/Python/BASH.

  • Current knowledge of CYBERCOM CNDSP policies and procedures.

  • Knowledge of Snort intrusion detection signatures.

Security Clearance Requirements:

  • Must be a U.S. Citizen with an active Top Secret Security Clearance (or TS/SCI). Will be processed for TS/SCI.

Hours: 40 hrs/week; Shift work with ability to work on a schedule that may include nights, weekends, and holidays.

Locations: Scott AFB (O'Fallon, IL) or Hill AFB (Odgen, UT)

Physical Requirements:

  • Must be able to be in a stationary position more than 50% of the time.

  • ?Constantly operates a computer and other office productivity machinery, such as a computer.

  • The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations.

  • Must be able to exchange accurate information in these situations.

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please click and provide your name and contact information.