Cyber Incident Response Handler

ManTech International Corporation McLean, VA

Group: MCIS

Clearance Level Needed: TS/SCI

Shift: Day

Category: Cyber

Are you a Problem Solver who can protect and defend the largest intelligence target in the world? This McLean-based Incident Response Remediation Handler will perform Incident Response, Computer Forensics and Intrusion Analysis to support the identification, monitoring, investigation and analysis of computer network intrusions. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement. Your role will be Monday - Friday with Core hours.

Responsibilities include, but are not limited to:

Clearance Level: Top Secret SCI ++

The CIRT Remediation Incident Handler on this agency-level Cyber Security Operations and Engineering support contract performs the following duties:

• Performs the detection, identification, and reporting of possible cyber attacks/intrusions, anomalous activities, and misuse activities

• Determines appropriate course of action in response to identified cyber security incidents or anomalous network activity

• Correlates incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
• Recommends enterprise protection measures based on incident trends

• Prepares detailed recommendations for network defense improvements to close or mitigate incidents

Position Requirements:

Required Experience/Skills:
• Excellent interpersonal, organizational, writing, communications, and briefing skills

• Strong analytical and problem-solving skills

• Minimum of five years (SCSA) or three years (CSA) of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management

Required Tools:
Familiarity with the following classes of enterprise cyber defense technologies:

• Security Information and Event Management (SIEM) systems
• Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

• Network and Host malware detection and prevention

• Network and Host forensic applications

• Web/Email gateway security technologies

Required Certifications:
SCSA- DOD 8570 IAT Level I or CND-IR
CSA- DOD 8570 IAT Level I or CND-A

Required Degree:
BS (bachelor's degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline)
For CSA only: 8-10 years experience if no BS. Only 50% of CSA positions can use experience waiver

Security Requirements:
TS/SCI with Poly

Requires Bachelor's degree or equivalent and ten to twelve years of related experience. Minimum of four years experience in technology/tools specific to the target platforms.