Cloud Cyber Incident Response Analyst

  • ManTech
  • McLean, VA
  • Full-time
  • 2024-02-01T00:00:00Z
  • $134,700 - $224,700 per year

Job type: Full-time

Salary: $134,700-$224,700 per year

ManTech is seeking a talented individual to join our team as a Cloud Cyber Incident Response Analyst. In this position, you will play a critical role in protecting national security by executing cyber analysis and response, detection engineering, and automation in commercial cloud environments. The primary responsibility will be to ensure the security of information systems against intentional or inadvertent access or destruction. This role requires primarily remote work with some onsite training and meeting requirements in McLean, VA or San Antonio, TX.

Responsibilities

  • Execute cyber analysis and response, detection engineering, and automation in commercial cloud environments.
  • Develop metrics and reports to communicate identified risks to the customer's environment.
  • Create and refine SIEM dashboards for clear identification of findings scope or activity monitoring.
  • Identify patterns and outliers in data sets aligned with threat actor Tactics, Techniques, and Procedures (TTPs), post-compromise behavior, and unusual activities like insider threats.
  • Conduct dynamic and static malware analysis on samples obtained during incident handling or hunt operations to identify Indicators of Compromise (IOCs).
  • Track investigations to resolution and provide an after-action report as required.
  • Assist with coordination during incidents and identify intrusions using various detection and prevention systems and security event data sources on a 24x7x365 basis.
  • Analyze intrusion-related data to determine root cause and identify follow-on activity while coordinating with Incident Handlers, Hunters, and various partners.
  • Contribute to the tuning and filtering of events and information, creating custom views and content using all available tools.
  • Contribute to the development of playbooks and procedures for handling each security event detected.

Requirements

  • 5+ years of experience in Cyber Security, InfoSec, Security Engineering, or Network Engineering with emphasis on cyber security issues and operations, computer incident response, systems architecture, and data management.
  • Understanding of enterprise cyber defense technologies such as SIEM systems, Sysmon, Azure, AWS, GCP, IDS/IPS, malware detection and prevention, forensic applications, and web/email gateway security technologies.
  • Ability to demonstrate effective interpersonal, organizational, writing, communications, and briefing skills.
  • Ability to use analytical and problem-solving skills.
  • Ability to travel to ManTech offices for training and to customer site as needed for meetings.
  • DOD 8570 IAT Level I or CSSP-A certification (can be obtained within 6 months of start date).
  • Active/Current TS/SCI with polygraph clearance.

Preferred Qualifications

  • Bachelor’s Degree in Information Technology or related technical field of study.

Security Clearance Requirement

  • Active/Current TS/SCI with polygraph.

Physical Requirements

  • Must be able to remain in a stationary position 50%.
  • Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.
  • The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

The projected compensation range for this position is $134,700-$224,700. You'll enjoy various benefits, including Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, Short Term and Long Term Disability, Retirement and Savings, and Learning and Development opportunities.