Cyber Threat Intelligence Analyst page is loaded
Cyber Threat Intelligence Analyst
Apply
locations
USA-VA-Lorton
time type
Full time
posted on
Posted 3 Days Ago
job requisition id
R49813
Secure our Nation, Ignite your Future
The core responsibility of the Cyber Threat Intelligence Specialist is to conduct deep research into social engineering and cyber-attack campaigns and collaborate closely with data scientists, researchers, investigators, engineers, and internal & external partners to counter these threats. This person will own the Cyber Threat Operations Center (CTOC) Threat Intelligence processes and procedures. This role may include the need to work outside of core hours on high priority investigations and may also include on-call responsibilities.
Responsibilities:
Proactively identify and analyze attacker campaigns and techniques that evade our protection systems.
Produce intelligence on the attack landscape that drives durable protection enhancements into our product, services, and infrastructure.
Prototype new detection methods and experiment with new data sources, tools, and methods for proactively identifying and monitoring attacker campaigns and changes in the attack landscape.
Collaborate effectively and share actionable curated intelligence with internal and external stakeholders to help them drive impact and disruption through their workflows.
Recommend and make appropriate updates to CTOC Threat Intelligence processes, procedures, and tools; publish intelligence on novel social engineering techniques and campaigns.
Mentor others and contribute to an inclusive and collaborative team culture.
Basic Qualifications:
Bachelor's degree or six years of industry related experience may be substituted for a degree.
5+ years' experience in a technical role in the areas of Security Operations, Malware analysis, Threat Intelligence, Cyber Incident Response, and/or Penetration Testing
ACTIVEDoD 8570 IAT Level 2 or Higher Certification upon start
3+ years of data analysis and scripting experience (SQL, Python, C#, Regex, Azure Data Explorer – KQL, etc.)Possess the ability to immediately take ownership of the role and operate with minimal guidance.
Experience with the MITRE ATT&CK Framework, the Cyber Kill Chain and/or other tools used for threat intelligence or hunting.
Proficient in research and writing (e.g. SOPs, threat intelligence reports, etc.)
Awareness of modern security related subjects and trends such as threat hunting and modeling, digital forensics, reverse engineering, phishing, and penetration testing
Preferred Qualifications:
Experience with Cyber Threat Intelligence in Cloud environments.
CISSP, CISA, CISM, SANS, GCIA, GCIH, MITRE ATT&CK and/or OSCP certifications
Desire to acquire Microsoft SC-200
Experience with Azure Sentinel, Defender for Cloud and/or Microsoft Defender Threat Intelligence is desired.
Familiarity with Common Vulnerabilities and Exposures (CVE) tracking and remediation.
Security Clearance Requirements:
Active Top-Secret Clearance with SCI Eligibility.
DDISAP
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal
opportunity/affirmative
action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access
http://www.mantech.com/careers/Pages/careers.aspx
as a result of your disability. To request an accommodation please click ******** and provide your name and contact information.
About Us
Why ManTech? This is why!
When you apply for a job at ManTech, you are taking the first step toward a new adventure. Trailblazing technology, incredible professional development and the opportunity to serve our nation. All while
Securing the Future .
ManTech provides mission-focused technology solutions and services for U.S. defense, intelligence and federal civilian agencies. In business for more than 52 years, we excel in full-spectrum cyber, data collection & analytics, enterprise IT, and systems and software engineering solutions that support national and homeland security.
More than 9,300 talented professionals around the globe make up the ManTech family and nearly half are veterans. As a ManTech employee, you will work for a winning team alongside colleagues that support and inspire you. You will also have access to tuition assistance, partnerships with universities and institutions, professional groups that comprise our Communities of Practice, community service opportunities, Technical Recognition Awards, Career Enablement/Mobility programs and so much more.
What are you waiting for? Click "Apply" and start your adventure today.
#J-18808-Ljbffr
