Cyber Lead Incident Handler

ManTech International Corporation McLean, VA
Group: MCIS

Clearance Level Needed: TS/SCI

Shift: Day

Category: Cyber

Are you a problem solver who can protect and defend the largest intelligence target in the world? This McLean-based Cyber Lead Incident Handler will manage a team of incident handlers who perform Incident Response, Computer Forensics and Intrusion Analysis to support the containment, eradication, and recovery from computer network intrusions. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement. Your role will be Monday - Friday with Core hours.

Responsibilities include, but are not limited to:

Clearance Level: Top Secret SCI ++

The Cyber Lead Incident Handler on this agency-level Cyber Security support contract performs the following duties:

• Manages a growing team of incident response experts

• Evaluates, proposes, and transforms capabilities, procedures, tactics, and techniques to better execute the IR mission

• Performs actions in response to identified cyber intrusions

• Determines appropriate course of action in response to identified cyber security incidents or anomalous network activity

• Performs advanced analysis to include forensic seizures of hardware, malware triage and dynamic analysis, and determination of the scope of compromise during a cyber incident

• Communicates with stakeholders and leaders to ensure incidents are managed appropriately

• Acts as incident command during small-scale incidents and cyber response subject matter expert during large-scale incidents

• Recommends enterprise protection measures based on incident trends

• Prepares detailed recommendations for network defense improvements to close or mitigate incidents

• Recruits and mentors incident handler talent

• Documents impactful achievements of the team for leadership

Position Requirements:

Required Experience/Skills:

• Demonstrated experience in cyber incident response/detection or expert network engineering, system administration, or DevOps

• Excellent interpersonal, organizational, writing, communications, and briefing skills

• Strong analytical and problem-solving skills

• Minimum of five years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management

• Panel interview and acceptance by the customer as a KEY team member

Required Tools:
Familiarity with the following classes of enterprise cyber defense technologies:

• Security Information and Event Management (SIEM) systems

• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Network and Host malware detection and prevention

• Network and Host forensic applications

• Web/Email gateway security technologies

• Experience with Splunk, Windows PowerShell, or similar technologies

Required Certifications:
DOD 8570 IAT Level I or CSSP-A

Required Degree:
BS (bachelor's degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline)

Security Requirements:
TS/SCI with Poly

Requires Bachelor's degree or equivalent and ten to twelve years of related experience. Minimum of four years experience in technology/tools specific to the target platforms.