
Cyber Security Detection Analyst, Principal in McLean, VA at ManTech

Date Posted: 9/21/2018

Job Snapshot

  • Location: McLean, VA
  • Experience: Not Specified
Job Description

Clearance Level Needed:

Entering ManTech's 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation's most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.

Become an integral part of a diverse team in the Mission, Cyber and Intelligence Solutions (MCIS) Group. ManTech is currently seeking a motivated, mission-oriented Cyber Security Detection Analyst, Principal in the McLean, VA area, with strong customer relationships. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

The NIS Division provides mission solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. Our customers have high standards, are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customers' success are driving our growth.

The CIRT Detection Analyst on this agency-level Cyber Security Operations and Engineering support contract performs the following duties:
• Analyze all relevant cyber security event data and other data sources for attack indicators and potential security breaches; produce reports
• Assist in coordination during incidents; coordinate with the O&M team to ensure all security monitoring systems are online, up to date, and fully operational
• Monitor intrusion detection and prevention systems and other security event data sources on a 24x7x365 basis. Determine whether monitored security events should be escalated to incidents, and follow all applicable incident response and reporting processes and procedures
• Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs
• Responsible for tuning and filtering of events and information, and for creating custom views and content using all available tools, following an approved methodology and with the approval or concurrence of Staff management
• Provide support for the Government CIRT Hotline and appropriately document each call in an existing tracking database for this purpose
• Coordinate with the O&M team to ensure production CIRT systems are operational
• Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event
• Establish procedures for handling each security event detected
• Develop and utilize “Case Management” processes for incident and resolution tracking. The processes should also be used for historic recording of all anomalous or suspicious activity. Currently, processes in place now use the JIRA tool
• Identify misuse, malware, or unauthorized activity on monitored networks. Report the activity appropriately as determined by CIRT Management
• Monitor and respond to the CIRT e-mail addresses
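The escalation and correlation duties above (deciding whether an IDS event becomes an incident, and correlating IDS/IPS data with firewall, web server and DNS logs) are shown below as an added example. This is illustrative code written for this page, not code from the posting, from ManTech, or from any CIRT tooling; the log formats, every log line, the domain watchlist and the 60-second correlation window are constructed assumptions.

```python
"""Correlate IDS alerts with firewall, web-server and DNS logs and decide
whether each event should be escalated to an incident.

Added example; not code from the job posting or from ManTech.  The log
formats, the sample lines and the domain watchlist are all constructed.
"""
import shlex
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)                   # assumed correlation window around each alert
DOMAIN_WATCHLIST = {"update.example-cdn.test"}   # hypothetical known-bad domains

# Constructed sample logs (not real traffic); timestamps are UTC.
IDS_ALERTS = [
    "2018-09-21T10:00:05 src=203.0.113.7 dst=10.0.0.5 sig=WEB-ATTACK-SQLI",
    "2018-09-21T10:05:00 src=198.51.100.9 dst=10.0.0.5 sig=WEB-ATTACK-SQLI",
    "2018-09-21T11:00:00 src=10.0.0.22 dst=192.0.2.44 sig=TROJAN-BEACON",
    "2018-09-21T12:00:00 src=203.0.113.7 dst=10.0.0.6 sig=SCAN-PROBE",
]
FIREWALL_LOG = [
    "2018-09-21T10:00:04 ALLOW 203.0.113.7:51234 -> 10.0.0.5:443",
    "2018-09-21T10:04:59 DENY 198.51.100.9:40022 -> 10.0.0.5:443",
    "2018-09-21T10:59:58 ALLOW 10.0.0.22:49211 -> 192.0.2.44:443",
]
WEB_LOG = [
    '10.0.0.5 203.0.113.7 [2018-09-21T10:00:05] "GET /login?id=1%27%20OR%201=1-- HTTP/1.1" 200',
    '10.0.0.5 203.0.113.7 [2018-09-21T10:00:07] "GET /admin HTTP/1.1" 403',
]
DNS_LOG = [
    "2018-09-21T10:30:00 client=10.0.0.22 query=www.example.com",
    "2018-09-21T10:59:55 client=10.0.0.22 query=update.example-cdn.test",
]


def ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%S")


def kv(tokens):
    """Turn 'k=v' tokens into a dict; tokens without '=' are skipped."""
    return dict(t.split("=", 1) for t in tokens if "=" in t)


def parse_ids(line):
    t, *rest = line.split()
    return {"ts": ts(t), **kv(rest)}


def parse_firewall(line):
    t, action, src, _arrow, dst = line.split()
    return {"ts": ts(t), "action": action,
            "src": src.rsplit(":", 1)[0], "dst": dst.rsplit(":", 1)[0]}


def parse_web(line):
    # shlex keeps the quoted request line as one token
    server, client, t, request, status = shlex.split(line)
    return {"ts": ts(t.strip("[]")), "server": server, "client": client,
            "request": request, "status": int(status)}


def parse_dns(line):
    t, *rest = line.split()
    return {"ts": ts(t), **kv(rest)}


def near(a, b):
    return abs(a["ts"] - b["ts"]) <= WINDOW


def triage(alert, fw, web, dns):
    """Return a decision for one IDS alert plus the evidence behind it."""
    fw_hits = [e for e in fw if e["src"] == alert["src"]
               and e["dst"] == alert["dst"] and near(e, alert)]
    # An alert for a flow the firewall dropped is recorded but not escalated.
    if fw_hits and all(e["action"] == "DENY" for e in fw_hits):
        return {"decision": "close", "evidence": ["blocked at firewall"]}

    evidence = ["firewall allowed"] if fw_hits else []
    # The web server answered the suspicious request with success: the attack likely landed.
    if any(e["client"] == alert["src"] and e["server"] == alert["dst"]
           and e["status"] < 400 and near(e, alert) for e in web):
        evidence.append("target served request (status < 400)")
    # The source host resolved a watchlisted domain shortly before the alert.
    for e in dns:
        if e["client"] == alert["src"] and e["query"] in DOMAIN_WATCHLIST and near(e, alert):
            evidence.append("watchlist DNS query " + e["query"])
    corroborated = any(not ev.startswith("firewall") for ev in evidence)
    return {"decision": "escalate" if corroborated else "investigate",
            "evidence": evidence}


def triage_all(ids=IDS_ALERTS, fw=FIREWALL_LOG, web=WEB_LOG, dns=DNS_LOG):
    fw_e = [parse_firewall(l) for l in fw]
    web_e = [parse_web(l) for l in web]
    dns_e = [parse_dns(l) for l in dns]
    results = []
    for line in ids:
        a = parse_ids(line)
        results.append({"sig": a["sig"], "src": a["src"], "dst": a["dst"],
                        **triage(a, fw_e, web_e, dns_e)})
    return results


if __name__ == "__main__":
    for r in triage_all():
        print(f"{r['decision']:<11} {r['sig']:<16} {r['src']} -> {r['dst']}  {r['evidence']}")
```

Run as a script, the four constructed alerts come out as escalate (SQLi that the firewall allowed and the web server answered with 200), close (same signature, but the firewall dropped the flow), escalate (allowed outbound flow preceded by a watchlisted DNS lookup from the same host) and investigate (a probe with no corroborating record in the window). The design point is that a raw IDS hit is never escalated on its own: the firewall decides whether the flow even reached the target, and the web or DNS record decides whether there is evidence of impact.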

Position Requirements:
• Excellent interpersonal, organizational, writing, communications, and briefing skills
• Strong analytical and problem solving skills
• Minimum of three years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering or Network Engineering, with emphasis on cyber security issues and operations, computer incident response, systems architecture, and data management

Familiarity with the following classes of enterprise cyber defense technologies:
• Security Information and Event Management (SIEM) systems
• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
• Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
• Network and Host malware detection and prevention
• Network and Host forensic applications
• Web/Email gateway security technologies

Required Certifications:
DOD 8570 IAT Level I or CND-A

Required Degree:
BS (8 to 10 years of experience if no BS; only 50% of CSA positions may use the experience waiver)

Job Requirements

Requires a Bachelor's degree or equivalent and seven to nine years of related experience. Minimum of three years' experience in technology/tools specific to the target platforms.