ManTech seeks a motivated, career and customer-oriented CyberDetection Engineer to join our team in McLean, Virginia. As a Cyber Detection Engineer on our team, you will enhance our cybersecurity detection and response capabilities. You will play a key role in improving our ability to identify, analyze, and respond to cyber threats through custom detection logic, automated workflows, and advanced threat-hunting techniques. This role is ideal for someone with strong programming skills, deep knowledge of Security Information & Event Management(SIEM) platforms, and experience developing high-fidelity security detections and automation workflows.Responsibilities include, but are not limited to:Detection Engineering & DevelopmentSecurity Automation & OrchestrationThreat Detection & AnalysisEndpoint & Network Security (EDR & NDR)Required Qualifications:Bachelor’s Degree and 2+ years of experience in cyber security operations or High School Diploma and 6+ years of experience in operationsExperience in cyber detection engineering, threat hunting, incident response, cyber network operations (CNO) or cyber network engineering (CNE)Experience programming in Python or a similar language for automation and data analysisExperience with SIEM platforms such as Splunk, ELK, Sentinel, Chronicle, or similarExperience with YARA, Snort, Suricata, or other signature-based detection technologiesExperience working with MITRE ATT&CK framework, or similar, for adversary tactics and techniques mappingPreferred Qualifications:Experience with penetration testing, red teaming, or reverse engineeringExperience with SOAR solutions and automation workflowsExperience developing custom detection methodologiesExperience with threat intelligence platforms and integrating threat intelligence feeds into security operationsKnowledge of Windows Internals and forensic artifacts for endpoint securityCertifications such as GCDA, GCIH, GCFA, OSCP, or Splunk Certified Security ProfessionalClearance Requirements:Must have a current/active TS/SCI w/PolygraphPhysical Requirements:The person in this position must be able to remain in a stationary position 50% of the timeSKN.7.23

ManTech is seeking a highly skilled and motivated Cyber Detection and Response Analyst to join our dynamic Cyber Incident Response Team. As a key member of the team, you will be responsible for proactively monitoring, detecting, analyzing, and responding to cybersecurity incidents within our large enterprise network. Your expertise in incident detection, analysis, and response will play a vital role in safeguarding our organization's critical assets and ensuring the integrity of our information systems.Responsibilities include, but are not limited to:Incident Detection and MonitoringUtilize SIEM (Security Information and Event Management) systems and other detection technologies to identify and investigate security anomalies.Collaborate with other teams to establish and fine-tune detection rules and alerts.Incident Analysis and InvestigationConduct in-depth analysis of detected incidents to determine the nature, extent, and impact of the cybersecurity threats.Perform forensic analysis, including examining network traffic, log files, and system artifacts, to identify the root cause and potential entry points of incidents.Document incident findings, including the attack methodology, IOCs, and recommended mitigation measures.Collaborate with cross-functional teams, such as network engineers, system administrators, and legal representatives, to gather and analyze relevant information during incident investigationsIncident Response and MitigationExecute the incident response process, following established procedures and protocols, to contain, mitigate, and remediate security incidents.Coordinate with internal teams and external stakeholders to ensure a swift and effective response to incidents, including communication, containment, and recovery activities.Utilize incident response tools and technologies to facilitate the investigation, containment, and eradication of threats.Provide recommendations for remediation actions and improvements to security controls and processes based on incident findings and lessons learned.Threat Intelligence and Vulnerability ManagementStay up to date with the latest cybersecurity threats, vulnerabilities, and industry best practices.Monitor external sources for threat intelligence and emerging trends to enhance the organization's incident detection and response capabilities.Contribute to vulnerability management activities by assessing and prioritizing vulnerabilities and providing guidance on remediation strategies.Reporting and DocumentationPrepare clear and concise incident reports, including detailed timelines, analysis, and recommendations for senior management and relevant stakeholders.Maintain accurate and up-to-date documentation of incidents, investigations, actions taken, and lessons learned.Assist in the development and maintenance of incident response playbooks, procedures, and guidelines.Basic Qualifications:2+ years of experience in Cybersecurity, Information Technology , Computer Science or other relevant technical field; experience can be any combination professional experience, internships , lab work or coursework.Experience with one or more of the following: SIEM systems, network security tools, log analysis tools, cybersecurity principles, incident detection, analysis, and response methodologies, operating systems, network protocols, and security technologies.DoD 8570 IAT-II required (can be obtained after hire)Security Requirements: Active/Current TS/SCI with polygraph