Description & Requirements
ManTech is seeking a highly skilled and motivated Cyber Detection and Response Analyst to join our dynamic Cyber Incident Response Team. As a key member of the team, you will be responsible for proactively monitoring, detecting, analyzing, and responding to cybersecurity incidents within our large enterprise network. Your expertise in incident detection, analysis, and response will play a vital role in safeguarding our organization's critical assets and ensuring the integrity of our information systems.
Responsibilities include, but are not limited to:
Incident Detection and Monitoring
Utilize SIEM (Security Information and Event Management) systems and other detection technologies to identify and investigate security anomalies.
Collaborate with other teams to establish and fine-tune detection rules and alerts.
Incident Analysis and Investigation
Conduct in-depth analysis of detected incidents to determine the nature, extent, and impact of the cybersecurity threats.
Perform forensic analysis, including examining network traffic, log files, and system artifacts, to identify the root cause and potential entry points of incidents.
Document incident findings, including the attack methodology, IOCs, and recommended mitigation measures.
Collaborate with cross-functional teams, such as network engineers, system administrators, and legal representatives, to gather and analyze relevant information during incident investigations
Incident Response and Mitigation
Execute the incident response process, following established procedures and protocols, to contain, mitigate, and remediate security incidents.
Coordinate with internal teams and external stakeholders to ensure a swift and effective response to incidents, including communication, containment, and recovery activities.
Utilize incident response tools and technologies to facilitate the investigation, containment, and eradication of threats.
Provide recommendations for remediation actions and improvements to security controls and processes based on incident findings and lessons learned.
Threat Intelligence and Vulnerability Management
Stay up to date with the latest cybersecurity threats, vulnerabilities, and industry best practices.
Monitor external sources for threat intelligence and emerging trends to enhance the organization's incident detection and response capabilities.
Contribute to vulnerability management activities by assessing and prioritizing vulnerabilities and providing guidance on remediation strategies.
Reporting and Documentation
Prepare clear and concise incident reports, including detailed timelines, analysis, and recommendations for senior management and relevant stakeholders.
Maintain accurate and up-to-date documentation of incidents, investigations, actions taken, and lessons learned.
Assist in the development and maintenance of incident response playbooks, procedures, and guidelines.
Basic Qualifications:
2+ years of experience in Cybersecurity, Information Technology , Computer Science or other relevant technical field; experience can be any combination professional experience, internships , lab work or coursework.
Experience with one or more of the following: SIEM systems, network security tools, log analysis tools, cybersecurity principles, incident detection, analysis, and response methodologies, operating systems, network protocols, and security technologies.
DoD 8570 IAT-II required (can be obtained after hire)
Security Requirements:
Active/Current TS/SCI with polygraph
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access https://mantech.avature.net/en_US/careers as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.