Today
Secret
Unspecified
Unspecified
IT - Security
Lorton, VA (On-Site/Office)
MANTECH is seeking a motivated, career and customer-oriented Cyber Threat Intelligence Analyst to join our team in Lorton, VA.
The core responsibility of the Cyber Threat Intelligence Analyst is to conduct deep research into social engineering and cyber-attack campaigns and collaborate closely with data scientists, researchers, investigators, engineers, and internal & external partners to counter these threats. This person will own the Cyber Threat Operations Center (CTOC) Threat Intelligence processes and procedures. This role may include the need to work outside of core hours on high priority investigations and may also include on-call responsibilities.
Responsibilities include but are not limited to:
Minimum Qualifications:
Preferred Qualifications:
Security Clearance Requirements:
Physical Requirements:
The core responsibility of the Cyber Threat Intelligence Analyst is to conduct deep research into social engineering and cyber-attack campaigns and collaborate closely with data scientists, researchers, investigators, engineers, and internal & external partners to counter these threats. This person will own the Cyber Threat Operations Center (CTOC) Threat Intelligence processes and procedures. This role may include the need to work outside of core hours on high priority investigations and may also include on-call responsibilities.
Responsibilities include but are not limited to:
- Identify and analyze techniques that are relevant to our protection systems, being proactive to bring awareness to the activity prior to any compromise.
- Produce intelligence on the attack landscape that drives actionable protection
enhancements into our product, services, and infrastructure. - Prototype new detection methods and experiment with new data sources, tools, and methods for proactively identifying and monitoring attacker campaigns and changes in the attack landscape.
- Collaborate effectively and share actionable curated intelligence with internal and external stakeholders to help them drive impact and disruption through their workflows.
- Recommend and make appropriate updates to CTOC Threat Intelligence processes, procedures, and tools; publish intelligence on novel social engineering techniques and campaigns.
- Mentor others and contribute to an inclusive and collaborative team culture.
Minimum Qualifications:
- Bachelor's degree and at least 5 years of experience in the areas of Security Operations, Malware analysis, Threat Intelligences, Cyber Incident Response, and / or Penetration Testing. Additional 1 year of experience may be substituted in lieu of a degree.
- ACTIVE DoD 8570 IAT Level 2 or Higher Certification upon start
- 3+ years of data analysis and scripting experience (SQL, Python, C#, Regex, Azure Data Explorer - KQL, etc.)
- Possess the ability to immediately take ownership of the role and operate with minimal guidance.
- Experience with the MITRE ATT&CK Framework, the Cyber Kill Chain and/or other tools used for threat intelligence or hunting.
- Proficient in research and writing (e.g. SOPs, threat intelligence reports, etc.)
- Awareness of modern security related subjects and trends such as threat hunting and modeling, digital forensics, reverse engineering, phishing, and penetration testing.
Preferred Qualifications:
- Experience with Cyber Threat Intelligence in Cloud environments.
- CISSP, CISA, CISM, SANS, GCIA, GCIH, MITRE ATT&CK and/or OSCP certifications
- Desire to acquire Microsoft SC-200
- Experience with Azure Sentinel, Defender for Cloud and/or Microsoft Defender Threat Intelligence is desired.
- Familiarity with Common Vulnerabilities and Exposures (CVE) tracking and remediation.
Security Clearance Requirements:
- Must have an Active Top-Secret Clearance with SCI Eligibility.
Physical Requirements:
- Sedentary Work
group id: RTX14564a
