ManTech seeks a motivated, career and customer-orientedCyber Network Defense (CND) Analyst in Herndon, VA.
As a CND Analyst on our team, you will use your expertise in specialized network defense to provide innovative and creative solutions to challenging cyber security problems. You will utilize the latest cyber tools available and assist with creating new ones while allowing you to advance the nation's information security posture.
Responsibilities include, but are not limited to:
Provide malicious code detection, intrusion detection, and information security tool development and integration.
Utilize forensic analysis to identify malware, misuse, and/or unauthorized activity.
Investigate and report on virus and malware alerts or incidents to determine root cause, entry point of code and damage risk.
Analyze all data sources, including Internet, Intelligence Community (IC) reporting, security events, firewall logs, and other data sources to identify malware, misuse, unauthorized activity or other cyber security related concerns.
Track intelligence using open source and classified sources to identify malicious code threats and provide solutions to counteract that threat.
Manage and administer the tuning of rules, signatures, and custom content for CND applications and systems and identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts
Provide logical use case development.
Provide and track requirements to engineering partners.
Identify gaps in visibility or coverage of cyber defense systems.
Prepare data analytics and reporting.
Basic Qualifications:
High School Diploma and 15+ years of experience in a cyber security or network security role, or Bachelor’s degree and 11+ years of experience
Experience writing script in programming languages such as Python, JavaScript, Yara or Snort
Experience using SIEM tools for case development and application
Experience with network security applications, protocols, and associated hardware
Experience with one or more of the following classes of enterprise cyber defense technologies: SysMon, Network and Host based IDS and IPS, Network and host-based malware detection and prevention, Endpoint Detection & Response (EDR) and Network Detection & Response (NDR), Network and Host malware detection and prevention (EDR/NDR) tools, Web/Email gateway security technologies, Security Orchestration, Automation and Response (SOAR) or Cloud Based platforms such as Azure, AWS, or Google
Preferred Qualifications:
Experience working with MITRE ATT&CK
Experience with Splunk or Splunk Enterprise Security
Experience with forensics tools and applications
Clearance requirement: Must have an active/Current TS/SCI with polygraph
Physical Requirements: Must be able to remain in a stationary position 50%
SKN.7.23