ManTech seeks a Cyber Threat Hunt Analyst to join our Cyber Security Operations Center (CSOC) in McLean, VA. The ideal candidate will have a deep understanding of cyber threat hunting, advanced persistent threats (APTs), and the latest tactics, techniques, and procedures (TTPs) used by adversaries. Join ManTech and play a vital role in our nation’s security by helping to enhance our security posture.
Responsibilities include but are not limited to:
- Conduct threat hunting activities to detect advanced threats that evade traditional security solutions and continuously monitor and analyze threat intelligence sources to stay informed about emerging threats.
- Search for signs of malicious activity in our network and systems. Develop and implement new and innovative threat detection techniques and strategies.
- Analyze large datasets to identify patterns and anomalies indicative of malicious activities.
- Collaborate with other CSOC team members and stakeholders to respond to and investigate security incidents. Provide detailed reports and briefings on threat hunting activities and findings to senior management.
- Develop and maintain threat hunting playbooks, processes, and procedures.
- Perform in-depth forensic analysis to understand the nature and impact of threats.
- Participate in the development and refinement of security monitoring and incident response tools and processes.
Minimum Qualifications:
- High School Diploma and 2+ years of experience in cyber threat hunting, incident response, or a related cybersecurity field
- Experience working with network protocols, operating systems, and security architectures
- Experience using threat hunting and forensic tools.
Preferred Qualifications:
- Bachelor's degree
- Relevant certifications such as GCIH, GCFA, GNFA, or equivalent
- Experience with scripting and programming languages such as Python, PowerShell or similar
- Knowledge of machine learning and data analytics techniques as they apply to threat hunting
- Familiarity with cloud security and threat hunting in cloud environments.
- Understanding of regulatory and compliance requirements related to cybersecurity (e.g., GDPR, HIPAA).
Clearance Requirement:
- Must have a current/active TS/SCI w/Polygraph
Physical Requirements:
- must be able to remain in stationary position at least 50% of the time
SKN.7.23