Description & Requirements
ManTech is seeking a Cyber Intelligence Analyst to help support our current NCIS contract out of Quantico, VA.
Responsibilities include but are not limited to:
The Cyber Intel Analyst will review raw NetFlow data and identify any malicious cyber activity directed towards any DON entity or partnered organizations. Process and enrich information to ensure timely, actionable, high-confidence IOCs are ingested and shared with key stakeholders.
The Cyber Intel Analyst will identify cyber threats, threat vectors, and attacker methodology, to include tools, tactics, and procedures, and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model, etc.
Analysts will identify indicators of compromise (IOCs), evaluate identified attacks through NetFlow analysis to determine cyber threats, identify campaigns, profile cyber threat actors, and track cyberspace activities.
Support counterintelligence investigations and operations involving a Federal Law Enforcement agency.
Report on underlying patterns of behavior by conducting detailed analysis of incidents, threats and risks and associated impacts and consequences, vulnerabilities, tactics, techniques and procedures (TTP), and other malicious and non-malicious indicators.
Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs.
Minimum Qualifications:
Bachelor's degree and a minimum of 2 years of cyber threat hunting familiarity with network log analysis, to include the following (an additional 2 years of experience can be substituted in lieu of a degree):
Experience in NetFlow, DNS, Web Detail, Email Data, and the TCP three-way handshake process.
Domain Tools, VirusTotal, Chameleon, Maltego, and experience utilizing managed attribution accounts.
Knowledge of the terminologies, methodologies, and IC-level research and analytical techniques as applied to highly complex assignments in counterintelligence and criminal intelligence analysis.
Experience identifying intelligence gaps, specifying collection requirements to fill gaps, and developing analytical tools and methodologies to cope with the gaps.
Experience leveraging and exploiting social media, and a variety of commercial and government open source databases.
Preferred Qualifications:
Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic understanding of malware (malware communication, installation, or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection).
Possess effective verbal and written communication skills and the ability to produce activity- and national-level intelligence products.
DIA analytical writing tradecraft
CEH Certification
Security+ CE
GIAC Cyber Threat Intelligence (GCTI)
Publicly Available Information (PAI) analysis experience
Familiarity with general academic databases and scientific journals and repositories
Clearance Requirements:
Secret with the ability to obtain TS/SCI
Physical Requirements:
Sedentary Work
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries, proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access https://mantech.avature.net/en_US/careers (https://sandboxmantech1.avature.net/en_US/careers) as a result of your disability. To request an accommodation, please contact careers@mantech.com and provide your name and contact information.