Description & Requirements
ManTech is seeking a motivated, career and customer-oriented Cyber Threat Analyst, Senior to join our team in the Springfield, VA area.
The Cyber Threat Cell Lead performs as the technical expert for the NRO Cybersecurity Operations Squadron (COS) Threat Cell team. The COS Threat Cell Lead provides direction, leadership and mentorship to the team that conducts research, analysis, and correlation across a wide variety of all source cyber threat data sets, and proactive threat hunts. The individual should have excellent customer service, communications, presentation, analytical and troubleshooting skills along with the ability to work under pressure. It is a key requirement of this position to be able to quickly and efficiently resolve security issues while maintaining high levels of operational metrics.
Responsibilities include, but are not limited to:
Lead, train, and equip team members to research, analyze, counter cyber threat activities
Lead and assign personnel on threat hunts
Review deliverables to ensure quality in reporting and presentation
Conducting proactive threat hunts to uncover previously undetected adversary behavior, performing in-depth host and network log analysis, and delivering systematic threat assessments.
Brief leadership and stakeholders as required on hunts or other high visibility operational activity
Reviewing operational detection mechanisms to assess security posture, recommending new/custom signatures to counter prospective threats and enable future threat hunts.
Managing cyber intelligence requirements and focusing cyber intelligence collection efforts. Identifying emerging cyber technologies, capabilities, or weapons which pose a threat to US or Allied systems.
Collecting and analyzing all-source threat intelligence to identify adversary capabilities and intent, driving resource allocation for enterprise cyber defense operations.
Producing comprehensive cybersecurity reports, providing sourced and summarized threat intelligence, outlining threat hunt findings and limitations, and presenting recommendations to system owners, cyber defenders, and policy makers.
Coordinating with the U.S. Intelligence Community and private sector to exchange threat intelligence, emerging trends, and effective countermeasures.
Researching known adversarial Tactics, Techniques and Procedures (TTPs) to identify foundational components, isolate associated host or network events, and enable threat mitigation, detection, and response.
Creating custom cybersecurity dashboards to monitor host and network activity, enabling rapid identification of successful and unsuccessful intrusion attempts.
Performing analysis, correlation, and attribution of incidents to Advanced Persistent Threat (APT) groups.
Ensuring the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies.
Performing research and analysis of APT infrastructure and malicious binaries, external cyber threat intelligence reporting and production.
Collaborating across the U.S. IC and private sector regarding observed threats, intrusion attempts, and successful compromises to network infrastructure, applications, and operating systems.
Basic Qualifications:
7+ years of related experience.
B.S. or 4+ additional years of experience
Experience shall be in a related security technology or discipline such as Incidents and Warnings Management, Cybersecurity Operations, Cybersecurity Engineering.
CNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification required
IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required or abilty to obtain within 6 months of hire
Preferred Qualifications:
Ability to handle stress and work well under pressure and deal with ambiguity.
Ability to use MS Office, SIEM tools, Analytical and Critical Thinking Skills, Interpersonal and People Skills, Oral and Written Communication Skills, Organizational Skills, Project Management Ability, Public Speaking Skills.
Ability to effectively interact with various levels of senior management is necessary
Ability to make decisions and resolve problems effectively - Seek out information and data to evaluate, prioritize and formulate best solution or practice
Ability to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities
Security Clearance Requirements:
Active TS/SCI w/ Polygraph
Physical Requirements:
Must be able to remain in a stationary position 50%
Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
Occasionally ascends/descends a ladder to install and/or maintain network transport material.
#gl-soc
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access https://mantech.avature.net/en_US/careers as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.
S:SKINTIAGP2