Provide Tier 2 support by analyzing network traffic and various log data to determine the threat/impact against the network, recommending appropriate countermeasures, facilitating the tracking, handling, and reporting of all security events and computer incidents. Monitor, detect, scan, record, audit, analyze, report, remedy, coordinate, and track security related events for customer networks/endpoints. Perform in-depth analysis of security events and incidents independently, and in support of T... more details
Secure our Nation, Ignite your Future
Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career and customer-oriented Tier 2 Network Operations & Security Center (NOSC) Analyst. There are three possible locations for this role Chandler, AZ; Stennis, MS; Washington, DC.
Responsibilities include but are not limited to:
- Provide Tier 2 support by analyzing network traffic and various log data to determine the threat/impact against the network, recommending appropriate countermeasures, facilitating the tracking, handling, and reporting of all security events and computer incidents.
- Monitor, detect, scan, record, audit, analyze, report, remedy, coordinate, and track security related events for customer networks/endpoints.
- Perform in-depth analysis of security events and incidents independently, and in support of Tier 1 SOC Analysts
- Investigate and respond to security incidents escalated from Tier 1 SOC Analysts, conduct in-depth analysis, and identify the root cause of incidents
- Conduct forensic analysis and detailed investigations of security incidents to determine the root cause and extent of compromise
- Document analysis, findings, and actions in a case/knowledge management system.
- Provide guidance and support to Tier 1 SOC Analysts, including coaching and knowledge sharing to enhance their technical skills
- Support senior-level SOC personnel with the creation and distribution of incident reports
- Participate in vulnerability assessments and penetration testing activities to identify and address potential security weaknesses
- Responsible for working in a 24x7 Security Operation Center (SOC) environment
- Other duties as assigned or required
Basic Qualifications:
- A bachelor’s degree in information security, computer science, or related field
- A minimum of four (4) years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
- A minimum of six (6) months experience in one or more of the following: computer network penetration testing/techniques; computer evidence seizure, computer forensic analysis, data recovery; computer intrusion analysis/incident response, intrusion detection; computer network surveillance/monitoring; network protocols, network devices,
- Experience with Incident Response; identifying, investigating, reporting and remediating
- Captures, protects, and retains digital forensic data and information maintaining proper legal chain of custody for legal and law enforcement activities
- Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption
- Experience analyzing in/outbound e-mail traffic
- Understanding of SIEM alerting and analytic processes
- Capable of solving technical problems following established procedures and policies
- Experience with common Cybersecurity tools such as Splunk, HBSS, Nessus
- Proficiency in security incident response methodologies and best practices
- Familiarity with scripting languages (Python, PowerShell, etc.) for automation and data analysis
- Understanding of cloud platforms and their impact on SOC operations (e.g., AWS, Azure, GCP)
Preferred Qualifications:
- Any of the following certifications: DOD 8570 Industry Related Certification - CSSP Analyst, CSSP Infrastructure Support or CSSP Incident Responder, Penetration Testing, GIAC Certified Forensic Examiner (GCFE), GIAC Advanced Smartphone Forensics Certification (GASF)
Clearance Requirements:
- Must be a U.S. citizen
- Must hold an active Secret clearance
- Must be eligible for TS/SCI clearance
Physical Requirements:
- Must be able to remain in a stationary position 50%
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
- The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.