Description & Requirements
ManTech is seeking a Cyber Intelligence Analyst to help support our current NCIS contract out of Quantico, VA. The Cyber Defense Intelligence Analyst is responsible for monitoring network activity and collecting intelligence to identify, assess, and help resolve/report on threats posed by foreign cyber actors targeting DON/NCIS networks, infrastructure, personnel, and technology. This role emphasizes law enforcement (LE) and counterintelligence (CI) processes and procedures by combining advanced cyber threat intelligence analysis with hands-on incident response and reporting.
Responsibilities include but are not limited to:
Conduct cyber threat hunting activities, focusing on detecting, assessing, and reporting on cyber threats, including addressing U.S. government and organizational (DON/NCIS) intelligence requirements.
Ability to leverage All-Source and OSINT skills, paired with technical expertise, to support the development of comprehensive and actionable intelligence products.
Perform in-depth analysis of network data, including NetFlow, email headers, PCAP, network logs, and Transport Layer Security (TLS) Certificate Pivoting, to detect malicious activity.
Conduct investigations of anomalies and irregularities to determine the root cause of incidents, including adversary tracking, incident reporting, and recommending appropriate responses.
Review, interpret, and evaluate information from multiple sources to produce intelligence products, including briefings, summaries, and Intelligence Information Reports (IIRs).
Correlate data from intrusion detection and prevention systems with other sources, such as firewalls, web servers, and DNS logs, to detect and attribute malicious behavior.
Guide and mentor junior analysts on cyber threat intelligence, incident response, and best practices.
Minimum Qualifications:
Bachelor's degree and minimum of 2 years of cyber threat intelligence and defense experience, with a focus on network log analysis and threat hunting to include the following: (Additional 2 years of experience can be substituted in lieu of degree.)
In-depth knowledge of network communication protocols (TCP/IP), NetFlow, DNS, PCAP analysis, and malware behavior/types.
Familiarity with advanced cyber threat hunting tools such as Security Information and Event Management (SIEM), Managed Detection and Response (MDR) systems, and managed attribution platforms (e.g., Domain Tools, VirusTotal, Maltego).
Experience conducting incident response and investigations, performing root cause analysis, and reporting findings to stakeholders.
Proficiency in utilizing analytical frameworks such as MITRE ATT&CK, Cyber Kill Chain, and the Diamond Model, with a demonstrated ability to identify Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and threat actor patterns.
Preferred Qualifications:
SANS GIAC Security Essentials (GSEC), or other SANS relevant cybersecurity certifications
CEH, Security+, CySA+, CISSP, GCIH, or other relevant cybersecurity certifications
Skills in Open-Source Intelligence (OSINT), Counterintelligence (CI)/Human Intelligence
(HUMINT), All-Source Analysis, and/or Digital Forensics
Clearance Requirements :
Secret with the ability to obtain TS/SCI
Physical Requirements:
Sedentary Work
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access https://mantech.avature.net/en_US/careers as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.