ManTech Cyber Detection Analyst in Mclean, Virginia
Can you protect and defend the largest target in the world to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. This McLean based position will be Day/Night shift and will hone your cyber skills with Splunk, Arcsight, IDS/IPS to take your career to a whole new level. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.
The CIRT Detection Analyst on this agency-level Cyber Security Operations and Engineering support contract performs the following duties:
• Analyze all relevant cyber security event data and other data sources for attack indicators and potential security breaches; produce reports.
• Assist in coordination during incidents; and coordinate with the O&M team to maintain all security monitoring systems are on-line, up to date, and fully operational.
• Monitor intrusion detection and prevention systems and other security event data sources on 24x7x365 basis. Determine if security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures.
• Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs.
• Responsible for tuning and filtering of events and information, creating custom views and content using all available tools following an approved methodology and with approval of concurrence from the Staff management.
• Provide support for the Government CIRT Hotline and appropriately document each call in an existing tracking database for this purpose.
• Coordinate with the O&M team to ensure production CIRT systems are operational.
• Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event.
• Establish procedures for handling each security event detected.
• Develop and utilize “Case Management processes for incident and resolution tracking. The processes should also be used for historic recording of all anomalous or suspicious activity. Currently, processes in place now use the JIRA tool.
• Identify misuse, malware, or unauthorized activity on monitored networks. Report the activity appropriately as determined by CIRT Management.
• Monitoring and responding to the CIRT e-mail addresses.
• Excellent interpersonal, organizational, writing, communications, and briefing skills.
• Strong analytical and problem solving skills.
• Minimum of three years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management.
Familiarity with the following classes of enterprise cyber defense technologies:
• Security Information and Event Management (SIEM) systems.
• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
• Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
• Network and Host malware detection and prevention.
• Network and Host forensic applications.
• Web/Email gateway security technologies
DOD 8570 IAT Level I or CND-A
BS (8-10 years experience if no BS. Only 50% of CSA positions can use experience waiver).
Security Clearance Requirements:
Active/current TS/SCI with Polygraph clearance is required.
Requires Bachelor¿s degree or equivalent and seven to nine years of related experience. Minimum of three years experience in technology/tools specific to the target platforms.
Years of Experience
For more than 40 years, ManTech employees have been solving complex problems for the national security community. We are comprised of approximately 10,000 talented employees around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Half our employees have a military background, and more than 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, space, and intelligence communities; we hold nearly 1,000 active contracts with more than 40 different government agencies.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Waretime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law. If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accomodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accomodation please click firstname.lastname@example.org and provide your name and contact information.