Posted today
Top Secret/SCI
Unspecified
Unspecified
IT - Security
Ashburn, VA (On-Site/Office)
MANTECH seeks a motivated, career and customer-oriented Cyber Threat Hunt Lead to join our team in Ashburn, VA.
The ultimate purpose of this role is to provide the disciplined leadership and structural organization necessary to rapidly implement critical, high-impact security solutions that directly protect the Nation's digital borders while ensuring continuous, compliant contract delivery for 24x7x365 network, cyber, and cloud services.
Responsibilities include but are not limited to:
Minimum Qualifications:
Clearance Requirements:
Physical Requirements:
The ultimate purpose of this role is to provide the disciplined leadership and structural organization necessary to rapidly implement critical, high-impact security solutions that directly protect the Nation's digital borders while ensuring continuous, compliant contract delivery for 24x7x365 network, cyber, and cloud services.
Responsibilities include but are not limited to:
- Establishing the executing the Cyber Threat Hunting strategy, including threat modeling and proactively searching for malicious activity.
- Utilize threat models and Cyber Threat Intelligence (CTI) to formulate complex hypotheses about attacker activity.
- Executing proactive, cross-domain hunt efforts against government networks to uncover advanced threats that evade automated security systems.
- Coordinating Purple Team engagements by providing Tactics, Techniques, and Procedures (TTPs) and analyzing the results to eliminate any blind spots.
- Conducting Ad Hoc hunts using Open-Source Intelligence (OSINT) and the MITRE ATT&CK Framework.
Minimum Qualifications:
- Bachelor's degree in computer science, engineering, information technology, or cybersecurity with at least 10 years of relevant experience.
- Five (5+) years of experience as a Tier III senior cyber threat hunt analyst.
- Certified Ethical Hacker (CEH) OR one of the following: DoD 8570 IAT Level II, IAM Level I, CSSP Analyst/Incident Responder.
- Deep knowledge of capabilities and experience with SIEM and networked-device management tools such as Splunk and Tanium.
Clearance Requirements:
- Must have an active/ current TS/SCI clearance.
- Must be able to obtain and maintain a CBP BI (Background Investigation).
Physical Requirements:
- Must be able to be in a stationary position more than 50% of the time
- Must be able to communicate, converse, and exchange information with peers and senior personnel
- Constantly operates a computer and other office productivity machinery, such as a computer
- The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
- The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
group id: RTX14564a
