ManTech
Mid-level Cybersecurity Threat Hunter
ManTech, Herndon, Virginia, United States, 22070
Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career and customer-oriented Mid-level Cybersecurity Threat Hunter to join our team in the Washington DC area.
Responsibilities include, but are not limited to:
Collaborate with incident response teams to investigate, analyze, and remediate identified threats.
Identify and assess the capabilities and activities of cyber criminals or foreign intelligence entities; design and administer procedures in the organization that sustains the security of the organization’s data and access to its technology and communications systems.
Identify, deter, monitor, and investigate computer and network intrusions.
Provide computer forensic support to high technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.
Monitor and assess complex security devices for patterns and anomalies from raw events (DNS, DHCP, AD, SE logs), tag events for Tier 1 & 2 monitoring.
Conduct malware analysis in out-of-band environment (static and dynamic), including complex malware.
Proactively search for and identify cyber threats, including advanced persistent threats (APTs), that could compromise DHS networks and systems.
Analyze network traffic, system logs, and other data sources to detect anomalies and indicators of compromise (IOCs).
Develop and implement threat hunting methodologies, techniques, and tools to improve detection capabilities.
Create and refine threat detection use cases and correlation rules within SIEM and other security tools.
Conduct detailed analysis of malicious code, attack vectors, and threat actor tactics, techniques, and procedures (TTPs).
Prepare detailed threat reports and briefings for technical and non-technical stakeholders.
Stay current with the latest cyber threat intelligence, trends, and technologies.
Provide expert guidance and training to junior analysts and other DHS staff on threat hunting techniques and best practices.
Basic Qualifications:
An 8570 compliant certification, such as Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Intrusion Analyst (GCIA), or relevant certifications
A bachelor’s degree in computer science, information technology, cybersecurity, or a related field of study.
A minimum of (3) three years of experience in cybersecurity with a focus on threat hunting, threat analysis, or incident response.
Proficiency with threat hunting tools and platforms (e.g., Splunk, ELK Stack, CrowdStrike, Carbon Black).
Strong understanding of network protocols, system logs, and security event correlation.
Experience in analyzing malware, attack vectors, and threat actor TTPs.
Preferred Qualifications:
A master's degree
Experience working in a government or defense environment.
Familiarity with DHS policies and procedures.
Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001).
Security Clearance Requirements:
Must be a U.S. citizen
A current Secret security clearance
Must be able to obtain and maintain a Top-Secret security clearance
Must be able to pass DHS suitability
Physical Requirements:
Must be able to be in a stationary position more than 50% of the time
Must be able to communicate, converse, and exchange information with peers and senior personnel
Constantly operates a computer and other office productivity machinery, such as a computer
The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
Currently, ManTech is seeking a motivated, career and customer-oriented Mid-level Cybersecurity Threat Hunter to join our team in the Washington DC area.
Responsibilities include, but are not limited to:
Collaborate with incident response teams to investigate, analyze, and remediate identified threats.
Identify and assess the capabilities and activities of cyber criminals or foreign intelligence entities; design and administer procedures in the organization that sustains the security of the organization’s data and access to its technology and communications systems.
Identify, deter, monitor, and investigate computer and network intrusions.
Provide computer forensic support to high technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.
Monitor and assess complex security devices for patterns and anomalies from raw events (DNS, DHCP, AD, SE logs), tag events for Tier 1 & 2 monitoring.
Conduct malware analysis in out-of-band environment (static and dynamic), including complex malware.
Proactively search for and identify cyber threats, including advanced persistent threats (APTs), that could compromise DHS networks and systems.
Analyze network traffic, system logs, and other data sources to detect anomalies and indicators of compromise (IOCs).
Develop and implement threat hunting methodologies, techniques, and tools to improve detection capabilities.
Create and refine threat detection use cases and correlation rules within SIEM and other security tools.
Conduct detailed analysis of malicious code, attack vectors, and threat actor tactics, techniques, and procedures (TTPs).
Prepare detailed threat reports and briefings for technical and non-technical stakeholders.
Stay current with the latest cyber threat intelligence, trends, and technologies.
Provide expert guidance and training to junior analysts and other DHS staff on threat hunting techniques and best practices.
Basic Qualifications:
An 8570 compliant certification, such as Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Intrusion Analyst (GCIA), or relevant certifications
A bachelor’s degree in computer science, information technology, cybersecurity, or a related field of study.
A minimum of (3) three years of experience in cybersecurity with a focus on threat hunting, threat analysis, or incident response.
Proficiency with threat hunting tools and platforms (e.g., Splunk, ELK Stack, CrowdStrike, Carbon Black).
Strong understanding of network protocols, system logs, and security event correlation.
Experience in analyzing malware, attack vectors, and threat actor TTPs.
Preferred Qualifications:
A master's degree
Experience working in a government or defense environment.
Familiarity with DHS policies and procedures.
Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001).
Security Clearance Requirements:
Must be a U.S. citizen
A current Secret security clearance
Must be able to obtain and maintain a Top-Secret security clearance
Must be able to pass DHS suitability
Physical Requirements:
Must be able to be in a stationary position more than 50% of the time
Must be able to communicate, converse, and exchange information with peers and senior personnel
Constantly operates a computer and other office productivity machinery, such as a computer
The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.