ManTech seeks a motivated, career and customer-oriented Red Team Intelligence Analyst -Nuclear Security to join our team in Arlington, VABecome an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.Responsibilities include, but not limited:Leveraging multi domain intelligence and information, examine the strategy, beliefs, abilities and methodologies, organizational construct, and tactics, techniques, and procedures of identified adversaries.Liaise with other Red Team entities and supporting organizations operating in the same problem space to cross check hypotheses, assessments, and identify any unexplored information and concepts.Create collection and assessment strategies from identified information requirements and foundations, derived from a myriad of intelligence and open source and publicly available means to ascertain Sino-Russian intentions and potential actions.Perform analysis of adversarial entities to define their systematic approach and identify critical infrastructure and requirements in support of that approach.Forecast adversarial action and intent that could impact the efficacy of US and partner nation national security and livelihood including effects on infrastructure, communications, personnel, economics, the environment, and governmental ecosystems.Author and participate in program documentation development in support of Red Team operations. These reports could include strategy documents, senior level presentations, after action reviews, white papers, concept papers and risk assessments.Minimum Qualifications:Must possess a Bachelor of Science Degree in a STEM or Business Field and 7 years of experience.Extensive experience in Red Team operations and Wargaming at the strategic and operational levels.Conversant in military to military, geo-political, and political-military Nuclear Security landscapes.Experience developing & delivering senior level briefs.Demonstrated experience in a field related to OSINT research, collection management, or analysis or the exploitation of PAI or social media.Experience with conducting open-source research, all-source intelligence analysis, or targeting.Experience with accessing, researching, and exploiting global and regional social media and digital platforms.Knowledge of advanced Internet-based research, including Boolean logic, advanced research techniques, search engine and database resources, and Internet sources, including social media, social networking tools, and commercial and industry-based databasesClearance Requirements:Active TS/SCI with the ability to obtain and maintain a PolygraphPhysical Requirements:Must be able to remain in a stationary position 50%.Must be able to communicate, converse, and exchange information with peers and senior personnel.The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

ManTech seeks a motivated, career and customer-oriented Cyber Security Operations Center (CSOC) Analyst to join our team in McLean, Virginia. As a CSOC Analyst on our team, you will lead the technical oversight and execution of cyber investigations and incident response activities within our large enterprise environment. This role is critical to detecting, analyzing, and mitigating Advanced Persistent Threat (APT) campaigns and other sophisticated cyber threats. You will act as a technical consultant within the SOC, capable of mentoring junior analysts, ensuring investigation quality, and driving improvements in response processes across all SOC domains.Responsibilities include, but are not limited to:Conduct cyber investigations and end to end incident responseProvide technical oversight and quality control across the CSOCIdentify opportunities for process improvement and efficiencies and provide change management leadership to the CSOC teamProvide mentoring and skill development to less experienced analystsMinimum Qualifications:Bachelor’s degree and 6+ years of experience in cyber security operations or incident response or High School Diploma and 10+ years of experience in cyber security operations or incident responseExperience with investigating and responding to APT threat campaigns, nation-state actors, and advanced cyber attacksExperience in host-based forensics, memory analysis or network forensicsExperience working with EDR, SIEM, SOAR, forensic tools, and malware analysis platformsKnowledge of MITRE ATT&CK and adversary tactics, techniques, and procedures (TTPs)Ability to lead and mentor less experienced team membersPreferred Qualifications:Certifications such as GCIH, GCFA, GNFA, GCFE, GREM, OSCP, or equivalentExperience with cloud security incidents (AWS, Azure, GCP) and hybrid security modelsExperience developing custom detection rules (YARA, Sigma, Snort, Suricata) and automation scripts (Python, PowerShell, Bash)Experience in penetration testing and/or CNE/CNO activitiesClearance Requirements:Must have a current/active TS/SCI w/ polygraphPhysical Requirements:The person in this position must be able to remain in a stationary position 50% of the time

ManTech is seeking a highly skilled and motivated Cyber Detection and Response Analyst to join our dynamic Cyber Incident Response Team. As a key member of the team, you will be responsible for proactively monitoring, detecting, analyzing, and responding to cybersecurity incidents within our large enterprise network. Your expertise in incident detection, analysis, and response will play a vital role in safeguarding our organization's critical assets and ensuring the integrity of our information systems.Responsibilities include, but are not limited to:Incident Detection and MonitoringUtilize SIEM (Security Information and Event Management) systems and other detection technologies to identify and investigate security anomalies.Collaborate with other teams to establish and fine-tune detection rules and alerts.Incident Analysis and InvestigationConduct in-depth analysis of detected incidents to determine the nature, extent, and impact of the cybersecurity threats.Perform forensic analysis, including examining network traffic, log files, and system artifacts, to identify the root cause and potential entry points of incidents.Document incident findings, including the attack methodology, IOCs, and recommended mitigation measures.Collaborate with cross-functional teams, such as network engineers, system administrators, and legal representatives, to gather and analyze relevant information during incident investigationsIncident Response and MitigationExecute the incident response process, following established procedures and protocols, to contain, mitigate, and remediate security incidents.Coordinate with internal teams and external stakeholders to ensure a swift and effective response to incidents, including communication, containment, and recovery activities.Utilize incident response tools and technologies to facilitate the investigation, containment, and eradication of threats.Provide recommendations for remediation actions and improvements to security controls and processes based on incident findings and lessons learned.Threat Intelligence and Vulnerability ManagementStay up to date with the latest cybersecurity threats, vulnerabilities, and industry best practices.Monitor external sources for threat intelligence and emerging trends to enhance the organization's incident detection and response capabilities.Contribute to vulnerability management activities by assessing and prioritizing vulnerabilities and providing guidance on remediation strategies.Reporting and DocumentationPrepare clear and concise incident reports, including detailed timelines, analysis, and recommendations for senior management and relevant stakeholders.Maintain accurate and up-to-date documentation of incidents, investigations, actions taken, and lessons learned.Assist in the development and maintenance of incident response playbooks, procedures, and guidelines.Basic Qualifications:2+ years of experience in Cybersecurity, Information Technology , Computer Science or other relevant technical field; experience can be any combination professional experience, internships , lab work or coursework.Experience with one or more of the following: SIEM systems, network security tools, log analysis tools, cybersecurity principles, incident detection, analysis, and response methodologies, operating systems, network protocols, and security technologies.DoD 8570 IAT-II required (can be obtained after hire)Security Requirements: Active/Current TS/SCI with polygraph

ManTech seeks an Information Systems Security Engineer (ISSE) to join our team in Herndon, Virginia. Join ManTech and help protect our country against cyber adversaries by creating robust and cutting-edge cybersecurity solutions.Responsibilities include, but are not limited to:Review and assess Risk Management Framework (RMF) authorization body of evidence for classified information systems, to include System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, and Security Assessment PlanReview new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCIAdvise on in-depth security design review and threat/risk assessmentsProvide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs)Conduct site visits (as required) and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activitiesMinimum Qualifications:Bachelor’s degree and 3+ years of technical experience or High School Diploma and 7+ years of technical experience3+ years of implementing NIST 800-53, Rev 4 and the Risk Management Framework (RMF)3+ years of using information security and assurance practices and principles for the customer3+ years of experience with Windows and Linux environments3+ years of experience with virtualization or cloud environmentsExperience with information security tools such as MS Active Directory, Splunk, ACAS/Nessus, McAfee and AWS SecurityDoD 8570 IAT Level II certification or higherPreferred Qualifications:Knowledge of enterprise cyber defense tools and technologies such as SIEM systems,SysMon, network and host based IDS and IPS, network and host-based malware detection and prevention, Endpoint Detection & Response (EDR) and Network Detection & Response (NDR), Network and Host malware detection and prevention (EDR/NDR) tools, forensics tools and applications, Web/Email gateway security technologies, Security Orchestration, Automation and Response (SOAR) and cloud based platforms such as Azure, AWS, or GoogleClearance Requirements:Must have a current/active TS/SCI w/PolygraphPhysical Requirements:The person in this position must be able to remain in a stationary position 50% of the time