Mantech

ManTech seeks a motivated, career and customer-oriented Computer Network Defense Intrusion Analyst to help support our DISA GSMO-II contract out of Stuttgart, Germany.

This is a funded position on a multiyear contract through July, 2030. Relocation will be provided and you will have access to all base privileges to include the military commissary and BX/PX. You will also receive HOLA/COLA allowances and will have access to DoDDS Schools or international schools for all dependents.

Responsibilities include but are not limited to:

• The Computer Network Defense Intrusion Analyst / Real Time Analyst will be supporting multiple components and subscribers of the Defense Information Systems Agency (DISA) Computer Network Defense Service Provider (CND-SP) and other supported components.  

• There is daily interaction with members of intrusion analysis, incident response, vulnerability assessment, external assessment, and cyber threat analysis teams to support the capabilities of the organization and provide effective services to its subscribers.

• First-level/follow-on intrusion incident analysis

• Incident, event, and mission impact determination / escalation / prioritization.

• Coordinating incident and event feedback to customers.

• Customer Support Desk operations.

• Supporting IA Ops reviews, assessments, exercises, and operations surges.

• Incident-event-network outage correlation.

• Anti-virus software support – Assisting with download, setup and configuration errors.

• Coordinating between Theater CND teams, other Computer Emergency Response Teams (CERT), Global, Joint or Theater Command and Control Centers, and Service Theater CERTs.

Minimum Qualifications:

• Bachelor's degree in a computer science, electrical engineering, or similarly related technical discipline plus 5 years of experience in a technical environment. Alternatively, a technical Master’s Degree plus 2 years’ experience. (In lieu of a degree, relevant certification plus 10 years’ experience, two years of which shall be with an accredited Computer Network Defense Service Provider or equivalent.)

• Must hold DoD-8570 IAT Level 2 or higher baseline certification (Security+ CE or equivalent); within 4 months of start date, must obtain Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or CySA+.

• Knowledge of security concepts, protocols (TCP/IP, HTTP, etc.), well-known ports (DNS, SMTP, FTP, LDAP, etc.), processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, SIM technology, incident handling, media/malware analysis, etc.).

• Experience with analyzing network traffic for suspicious and malicious activity using tools such as Wireshark (or equivalent) for packet capture analysis and the Carnegie-Mellon SiLK suite for flow data analysis.

• Experience with incident/event correlation tools such as ArcSight.

• Ability to obtain Technical Expert Status Accreditation (TESA) in Germany

Preferred Qualifications:

• Scripting Language (one or more of the following): Perl / Python / BASH.

• Current knowledge of CYBERCOM CNDSP policies and procedures.

• Knowledge of Snort intrusion detection signatures

Clearance Requirement:

• Must have an Active Top Secret with the ability to obtain and maintain a Top Secret / SCI

Physical Requirement:

• Sedentary work