ManTech seeks a motivated, career and customer-oriented Cyber Security Operations Center (CSOC) Analyst to join our team in McLean, Virginia. As a CSOC Analyst on our team, you will lead the technical oversight and execution of cyber investigations and incident response activities within our large enterprise environment. This role is critical to detecting, analyzing, and mitigating Advanced Persistent Threat (APT) campaigns and other sophisticated cyber threats. You will act as a technical consultant within the SOC, capable of mentoring junior analysts, ensuring investigation quality, and driving improvements in response processes across all SOC domains.Responsibilities include, but are not limited to:Conduct cyber investigations and end to end incident responseProvide technical oversight and quality control across the CSOCIdentify opportunities for process improvement and efficiencies and provide change management leadership to the CSOC teamProvide mentoring and skill development to less experienced analystsMinimum Qualifications:Bachelor’s degree and 6+ years of experience in cyber security operations or incident response or High School Diploma and 10+ years of experience in cyber security operations or incident responseExperience with investigating and responding to APT threat campaigns, nation-state actors, and advanced cyber attacksExperience in host-based forensics, memory analysis or network forensicsExperience working with EDR, SIEM, SOAR, forensic tools, and malware analysis platformsKnowledge of MITRE ATT&CK and adversary tactics, techniques, and procedures (TTPs)Ability to lead and mentor less experienced team membersPreferred Qualifications:Certifications such as GCIH, GCFA, GNFA, GCFE, GREM, OSCP, or equivalentExperience with cloud security incidents (AWS, Azure, GCP) and hybrid security modelsExperience developing custom detection rules (YARA, Sigma, Snort, Suricata) and automation scripts (Python, PowerShell, Bash)Experience in penetration testing and/or CNE/CNO activitiesClearance Requirements:Must have a current/active TS/SCI w/ polygraphPhysical Requirements:The person in this position must be able to remain in a stationary position 50% of the time

ManTech is seeking a highly skilled and motivated Cyber Detection and Response Analyst to join our dynamic Cyber Incident Response Team. As a key member of the team, you will be responsible for proactively monitoring, detecting, analyzing, and responding to cybersecurity incidents within our large enterprise network. Your expertise in incident detection, analysis, and response will play a vital role in safeguarding our organization's critical assets and ensuring the integrity of our information systems.Responsibilities include, but are not limited to:Incident Detection and MonitoringUtilize SIEM (Security Information and Event Management) systems and other detection technologies to identify and investigate security anomalies.Collaborate with other teams to establish and fine-tune detection rules and alerts.Incident Analysis and InvestigationConduct in-depth analysis of detected incidents to determine the nature, extent, and impact of the cybersecurity threats.Perform forensic analysis, including examining network traffic, log files, and system artifacts, to identify the root cause and potential entry points of incidents.Document incident findings, including the attack methodology, IOCs, and recommended mitigation measures.Collaborate with cross-functional teams, such as network engineers, system administrators, and legal representatives, to gather and analyze relevant information during incident investigationsIncident Response and MitigationExecute the incident response process, following established procedures and protocols, to contain, mitigate, and remediate security incidents.Coordinate with internal teams and external stakeholders to ensure a swift and effective response to incidents, including communication, containment, and recovery activities.Utilize incident response tools and technologies to facilitate the investigation, containment, and eradication of threats.Provide recommendations for remediation actions and improvements to security controls and processes based on incident findings and lessons learned.Threat Intelligence and Vulnerability ManagementStay up to date with the latest cybersecurity threats, vulnerabilities, and industry best practices.Monitor external sources for threat intelligence and emerging trends to enhance the organization's incident detection and response capabilities.Contribute to vulnerability management activities by assessing and prioritizing vulnerabilities and providing guidance on remediation strategies.Reporting and DocumentationPrepare clear and concise incident reports, including detailed timelines, analysis, and recommendations for senior management and relevant stakeholders.Maintain accurate and up-to-date documentation of incidents, investigations, actions taken, and lessons learned.Assist in the development and maintenance of incident response playbooks, procedures, and guidelines.Basic Qualifications:2+ years of experience in Cybersecurity, Information Technology , Computer Science or other relevant technical field; experience can be any combination professional experience, internships , lab work or coursework.Experience with one or more of the following: SIEM systems, network security tools, log analysis tools, cybersecurity principles, incident detection, analysis, and response methodologies, operating systems, network protocols, and security technologies.DoD 8570 IAT-II required (can be obtained after hire)Security Requirements: Active/Current TS/SCI with polygraph

ManTech is seeking a motivated, career and customer-oriented Information System Security Engineer (ISSE) to join our team in Linthicum Heights, MD. This role is vital for ensuring the confidentiality, integrity, and availability of systems within secure environments.The ISSE will provide cybersecurity and systems engineering support to:Link Encryptor Family (LEF) development, evaluation and certification efforts.Ensure interoperability between LEF implementations by specifying requirements and verifying compliance. Develop new versions of the LEF Cryptographic Interoperability Specification (LEFCIS) and maintain existing versions.Provide laboratory engineering support and participate in planning, setup, testing, and reporting of security, functionality, interoperability, and conformance testing of LEF products.Minimum requirements needed to qualify for the role:Fourteen years experience as an ISSE on programs and contracts of similar scope, type, complexity within the Federal Government is required.Bachelor’s degree in computer science, Information Assurance, Information Security System Engineering or related discipline from an accredited college or university is required.Four years of additional ISSE experience may be substituted for a bachelor’s degree.DoD 8570 compliance with IASAE Level 2 is required, CISSP CertificationUnderstanding of encryption technologies and cryptographic principles.Knowledge of system certification and accreditation (C&A) processes.Experience in performing vulnerability assessments, threat modeling, and risk analysis.Knowledge of network devices, including routers, switches, firewalls, and intrusion detection/prevention systems.Understanding of networking concepts and protocols, including serial communications (EIA-530, EIA-422/423, EIA-232, EIA-644), TCP/IP, HTTP/S, SSL/TLS, and RESTCONF/YANG.Knowledge of Operating Systems, including Linux, Windows and VMwarePreferred Qualifications:Deep understanding of symmetric and asymmetric key management techniques and principles.Experience with encryptors, secure communications, and cryptographic product evaluation.Familiarity with the agency’s Information Assurance Security Requirements Directive (IASRD) and Security Evaluation Requirements Document (SERD) requirements and security methods necessary to meet requirements.Experience reviewing and analyzing security documentation required to obtain agency certificationExperience with test equipment and analysis tools, including oscilloscopes, logic analyzers, network sniffers, and LAN/WAN testers.Experience with installation, configuration, and use of Link Encryptor Family devices, including KIV-7M.Knowledge of Tactical Data Links, such as Link-11, Link-16, and Link-22.Knowledge of satellite system Ground Operating Equipment encryptors, such as MYK-15A, MYK-16B, MYK-17B, and GRYPHON.Knowledge of the Link Encryptor Family Cryptographic Interoperability Specification (LEFCIS).Experience in the development and operation of LEFCIS compliant products.Experience developing Operational Security Doctrine and policies that define cybersecurity objectives for the protection and use of LEF devices.Experience in designing security solutions to mitigate risks and ensure compliance with government regulations (e.g., RMF, FISMA, NIST 800-53).Certifications relevant to Linux or specific networking technologies are a plus (e.g., RHCSA, RHCE, or CCNA).Clearance Requirements:Must have a current/active TS/SCI w/ PolygraphPhysical Requirements:Must be able to remain in a stationary position 50% of the time. Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and or virtual communication, which may involve delivering presentations.