Currently, ManTech is seeking a motivated, career and customer-oriented Senior Threat Intelligence Analyst to join our team in the Fort Meade, Maryland area.
Responsibilities include but are not limited to:
Reviewing and assessing raw NetFlow data and identifying any malicious cyber activity directed towards any agency customer entity or partnered organizations.
Processing and enriching information to ensure timely, actionable, high-confidence IOCs are ingested and shared with key stakeholders.
Aiding/guiding cyber analysts in threat hunting as well as counterintelligence operations.
Performing cyber intelligence analysis and developing raw intelligence products derived from intelligence reporting, open-source data, and information housed in a custom, classified system based on a proprietary configuration to support investigations, operations, and intelligence production.
Understanding advanced cyber threats, threat vectors, and attack methodology and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model, etc.
Reporting on underlying patterns of behavior by conducting detailed analysis of incidents, threats, and risks and associated impacts and consequences, vulnerabilities, tactics, techniques, and procedures (TTP), and other malicious and non-malicious indicators.
Analyzing network and host activity in successful and unsuccessful intrusions by advanced attackers.
Providing host-based security system (HBSS) support for the implementation, testing, integration, interoperability, and sustainment of information technologies comprising the SOC environment, encompassing multiple customer multi-level domains.
Basic Qualifications:
Bachelor's degree
Nine or more (9+) years of position relevant experience.
DoD 8570.01-m IAT Level III or CSSP-SPM or willingness to obtain within 6 months.
Experience utilizing managed attribution accounts; can identify intelligence gaps, specify collection requirements to fill gaps, and develop analytical tools and methodologies to cope with the gaps.
Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic understanding of malware (malware communication installation or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection).
Can identify/prioritize relevant collection requirements/gaps in response to supply chain threats to the federal agency customers and key stakeholders.
Preferred Qualifications:
Industry standard certifications such as CEH Certification, Security +CE, or GIAC Cyber Threat Intelligence (GCTI).
Proficient with federal agency analytical writing tradecraft.
Experience in Publicly Available Information (PAI) analysis.
Experience with general academic databases and scientific journals and repositories.
Cisco Certified Internetwork Expert
Clearance Requirements:
This position requires an active TS/SCI with the ability to obtain & maintain a Poly
Physical Requirements:
Must be able to be in a stationary position more than 50% of the time
Must be able to communicate, converse, and exchange information with peers and senior personnel
Constantly operates a computer and other office productivity machinery, such as a computer
The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
#cyber1234
S:SKCYB-CYBER-THREAT SKCYB