Cyber Intrusion Analyst
The Cyber BU of ManTech is looking for a highly motivated, qualified professional to fill a Cyber Intrusion Analyst position in Washington, D.C. A wide range of knowledge and skills is needed, such as:
· Perform CERT/SOC operations to include IDS event monitoring and analysis, security incident handling, incident reporting, and threat analysis.
· Candidate should be familiar with common Intrusion Detection Systems, virus and malware behavior, and intrusion methodologies.
· Candidate will monitor and analyze network traffic, IDS alerts, network and system logs, and available open source information to detect and report threats to customer networks.
· Analyst will determine appropriate response action(s) required to mitigate risk and provide threat and damage assessment for security threats which may impact the customer networks.
· Analyst may also support the Incident Response Team during incident investigations, vulnerability assessments, malware analysis, and the development of new defensive security solutions.
· Position requires 5 years of experience directly related to the duties and responsibilities described. Previous operational experience in a CIRT, SOC, or CERT environment is preferred. Additional knowledge areas of value include malware analysis, vulnerability assessment, penetration testing, and computer forensics. Prior experience with ArcSight, NetWitness, and Remedy is a plus.
Major Job Function: Analysis and reporting of cyber threats, as well as assisting in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions. Additional duties may include providing intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Must have a minimum of 5 years of hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following: experience in computer intrusion analysis and incident response; intrusion detection; computer network surveillance/monitoring; knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures; experience in computer evidence seizure, computer forensic analysis, and data recovery; and computer network forensics. Applicants MUST HAVE an active TOP SECRET security clearance with eligibility to obtain SCI access. Applicants must be able to work in a team environment. Some travel may be required.
Qualifications: A bachelor's degree in a related discipline is required; however, equivalent years of hands-on analysis and reporting experience may be considered in lieu of educational requirements. Technical certifications are a plus. Must have the ability to work in a team environment and possess knowledge in the following areas: