Currently, ManTech is seeking a motivated, career and customer-oriented Threat Intelligence Analyst III to join our team in Ft. Meade, MD .
Responsibilities:
Reviewing and assessing raw NetFlow data and identifying any malicious cyber activity directed towards any agency customer entity or partnered organizations.
Processing and enriching information to ensure timely, actionable, high-confidence IOCs are ingested and shared with key stakeholders.
Aiding/guiding cyber analysts in threat hunting as well as counterintelligence operations.
Performing cyber intelligence analysis and developing raw intelligence products derived from intelligence reporting, open-source data, and information housed in a custom, classified system based on a proprietary configuration to support investigations, operations, and intelligence production.
Understanding advanced cyber threats, threat vectors, and attack methodology and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model, etc.
Reporting on underlying patterns of behavior by conducting detailed analysis of incidents, threats, and risks and associated impacts and consequences, vulnerabilities, tactics, techniques, and procedures (TTP), and other malicious and non-malicious indicators.
Analyzing network and host activity in successful and unsuccessful intrusions by advanced attackers.
Providing host-based security system (HBSS) support for the implementation, testing, integration, interoperability, and sustainment of information technologies comprising the ICON TDL SOC environment, encompassing multiple customer multi-level domains.
Supervising and mentoring subordinate projects and ICON Innovation Collaborative (IIC) staff.
Collaborating and working with other Threat Intelligence Analysts.
Basic Qualifications:
Bachelor's degree and minimum of nine (9) years of position relevant experience.
Extensive experience in all aspects of identifying threats to information systems and producing quality intelligence reporting.
Experience managing, deploying, and troubleshooting HBSS clients and configures, operates, and maintains mandated HBSS components for Windows, Solaris, and Linux systems.
Experience utilizing managed attribution accounts; can identify intelligence gaps, specify collection requirements to fill gaps, and develop analytical tools and methodologies to cope with the gaps; technical understanding in some of the following areas: network communication using TCP/IP protocols, basic understanding of malware (malware communication installation or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection); can identify/prioritize relevant collection requirements/gaps in response to supply chain threats to the federal agency customers and key stakeholders.
Preferred Qualifications:
DoD 8570.01-m IAT Level III or CSSP-SPM.
Proficient with federal agency analytical writing tradecraft.
Industry standard certifications such as CEH Certification, Security +CE, or GIAC Cyber Threat Intelligence (GCTI).
Experience in Publicly Available Information (PAI) analysis.
Experience with general academic databases and scientific journals and repositories.
Clearance Requirements:
Active TS/SCI with the ability to obtain & maintain a Poly
Physical Requirements:
Must be able to be in a stationary position more than 50% of the time
Must be able to communicate, converse, and exchange information with peers and senior personnel
Constantly operates a computer and other office productivity machinery, such as a computer
S:SKCIN SKINTMISC