ManTech seeks a motivated, career and customer-oriented Cyber Security Forensics Analyst to join our team in the DC, Maryland, and Virginia (Northern) DMV area.

In this role you will be responsible for conducting advanced digital forensics investigations, analyzing cyber threats, and developing strategies to mitigate risks. This role requires a deep understanding of cyber forensics, the MITRE ATT&CK framework, and the MITRE D3FEND framework.

 

Responsibilities Include But Are Not Limited To

• Lead and conduct complex digital forensics investigations, including data recovery, analysis, and reporting; Develop briefings and reports providing briefings to contract and government leadership and others as requested/required.
• Utilize the MITRE ATT&CK framework and other techniques to identify, assess, and address cyber threats and vulnerabilities; Apply the MITRE D3FEND framework to develop and implement defensive measures against cyber threats.
• Collaborate with other cybersecurity professionals, cybersecurity and network teams, law enforcement agencies, and intelligence organizations to share information and coordinate response efforts.
• Analyze cyber activities to identify entities of interest, determine malicious behavior, and recognize patterns and linkages; Conduct technical analysis against target systems and networks, identify vulnerabilities, and support the development of new exploitation techniques.
• Investigate computer and information security incidents to determine the extent of compromise to information and automated information systems; Conduct dynamic malware analysis and perform memory and dead-box forensics; Assess scope of malware campaigns and determine necessary remediation actions.
• Perform long-term and time-sensitive in-depth technical analysis of malicious code (malware), developing defensive countermeasures, and producing reports for dissemination.
• Using static and dynamic methodologies for malware analysis, such as debuggers, disassemblers, and sandbox execution. Develop and maintain standard operating procedures (SOPs) and rules of engagement (ROE) templates.
  
  

 

Minimum Qualifications

• 9+ years of progressively responsible experience in cyber security, incident response, or forensic investigations including malware analysis and a Bachelor’s degree in computer science, engineering, information technology, cybersecurity, or related field of study
• An 8570 compliant certifications in IAT Level III
• One of the following relevant certifications: GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Security Professional (CISSP), or Certified Cyber Forensics Professional (CCFP)
• Knowledge and experience with Threat Intel Frameworks (e.g. Cyber Kill Chain, MITRE ATT&CK, Diamond Model)
• Demonstrated experience using EnCase, FTK, and Open-Source methods and tools to perform Computer forensic investigations
• Experience with Splunk, CrowdStrike Falcon, Security Onion, EnCase, Axiom,
• Experience with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc).  
  
  

Clearance Requirements

• Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI.
• The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.
  
  

Physical Requirements

• Must be able to remain in a stationary position for extended periods of time.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy, machine, and computer printer.
• The person in this position frequently communicates with co-workers, management, and customers,
• which may involve delivering presentations. Must be able to exchange accurate information in these situations.