Today
Secret
Unspecified
Unspecified
IT - Security
Herndon, VA (On-Site/Office)
ManTech seeks a motivated, career- and customer-oriented Cyber Security Forensics Analyst to join our team in the DC, Maryland, and Virginia (Northern) DMV area.
In this role you will be responsible for conducting advanced digital forensics investigations, analyzing cyber threats, and developing strategies to mitigate risks. This role requires a deep understanding of cyber forensics, the MITRE ATT&CK framework, and the MITRE D3FEND framework.
Responsibilities include but are not limited to:
- Lead and conduct complex digital forensics investigations, including data recovery, analysis, and reporting; Develop briefings and reports, and brief contract and government leadership and others as requested/required.
- Utilize the MITRE ATT&CK framework and other techniques to identify, assess, and address cyber threats and vulnerabilities; Apply the MITRE D3FEND framework to develop and implement defensive measures against cyber threats.
- Collaborate with other cybersecurity professionals, cybersecurity and network teams, law enforcement agencies, and intelligence organizations to share information and coordinate response efforts.
- Analyze cyber activities to identify entities of interest, determine malicious behavior, and recognize patterns and linkages; Conduct technical analysis against target systems and networks, identify vulnerabilities, and support the development of new exploitation techniques.
- Investigate computer and information security incidents to determine the extent of compromise to information and automated information systems; Conduct dynamic malware analysis and perform memory and dead-box forensics; Assess scope of malware campaigns and determine necessary remediation actions.
- Perform long-term and time-sensitive in-depth technical analysis of malicious code (malware), developing defensive countermeasures, and producing reports for dissemination.
- Use static and dynamic methodologies for malware analysis, such as debuggers, disassemblers, and sandbox execution. Develop and maintain standard operating procedures (SOPs) and rules of engagement (ROE) templates.
Minimum Qualifications:
- 9+ years of progressively responsible experience in cyber security, incident response, or forensic investigations including malware analysis and a Bachelor's degree in computer science, engineering, information technology, cybersecurity, or related field of study
- An 8570-compliant certification in IAT Level III
- One of the following relevant certifications: GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Security Professional (CISSP), or Certified Cyber Forensics Professional (CCFP)
- Knowledge and experience with Threat Intel Frameworks (e.g. Cyber Kill Chain, MITRE ATT&CK, Diamond Model)
- Demonstrated experience using EnCase, FTK, and open-source methods and tools to perform computer forensic investigations
- Experience with Splunk, CrowdStrike Falcon, Security Onion, EnCase, Axiom,
- Experience with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc.).
Clearance Requirements:
- Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI.
- The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.
Physical Requirements:
- Must be able to remain in a stationary position for extended periods of time.
- Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.
- The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
group id: RTX14564a