Job Information
ManTech Cyber Incident Response Shift Lead in McLean, Virginia
ManTech seeks a motivated, career and customer-oriented Cyber Incident Response Shift Lead to join team in McLean, VA. Our team provides 24x7x365 support to our customer and works four 10-hour days. This position is on 3rd shift and the hours are 9pm to 7am. Shift differential pay is provided.
Responsibilities include, but are not limited to:
Analyze all relevant cyber security event data and other data sources for attack indicators and potential security breaches and assist in coordination during incidents.
Identify intrusions utilizing various detection and prevention systems and other security event data sources on 24x7x365 basis and nalyze intrusion related data to determine root cause and identify follow on activity while coordinating with Incident Handlers, Hunters, and various partners.
Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs, to include netflow, metadata, and pcap analysis.
Identify misuse, malware, or unauthorized activity on monitored networks.
Contributes to in-tuning and filtering of events and information, creating custom views and content using all available tools.
Review assembled data with firewall administrators, engineering, system administrators and other appropriate groups to determine the risk of a given event.
Contribute to the development of playbooks and procedures for handling each security event detected.
Minimum Qualifications:
Bachelor’s degree and 3+ years of experience in cybersecurity operations or incident response or high school diploma and 7+ years of experience in cybersecurity operations or incident response
1+ years of experience with leading a team while in an individual contributor role
Experience with one or more of the following: Security Information and Event Management (SIEM) systems, Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS), Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS), Network and Host malware detection, prevention and Host forensic applications and Web/Email gateway security technologies.
DOD 8570 IAT Level I or CSSP-A (Can be obtained within 6 months of start date)
Preferred Qualifications:
- Certifications such as GCDA, GCIH, GCFA, OSCP, or Splunk Certified Security Professional
Clearance requirement:
- Must have a current/active TS/SCI w/Polygraph
Physical Requirements:
- The person in this position must be able to remain in a stationary position 50% of the time.
SKN.7.23
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at careers@mantech.com and provide your name and contact information.