Mantech

ManTech seeks a motivated, career and customer-oriented Senior Cloud Cybersecurity Analyst to join our team in the DC, Maryland, and Virginia (DMV) area.   

In this role you will ensure that the architecture and design of cloud-hosted information systems are functional and secure. You will conduct strategic planning and recommend implementation strategies. You will provide advice and assistance on various security and privacy matters, including policy, trusted product assessment, enterprise security engineering, secure cloud systems management, penetration testing, insider threat analysis, cyber situation awareness, attack detection, secure networking, secure operating systems, secure workstations, secure data management, secure web technology, secure protocols, and authentication.

Responsibilities include, but are not limited to: 

• Lead and conduct cloud cyber security analysis investigations, including data recovery, analysis, and reporting; write forensics and incident response reports, investigate computer attacks, and extract data from electronic systems; Draft and brief contract and government leadership as needed

• Utilize the MITRE ATT&CK framework and other techniques to identify, assess, and address cyber threats and vulnerabilities; conduct technical analysis against target systems and networks, identify vulnerabilities, and support the development of new exploitation techniques

• Apply the MITRE D3FEND framework to develop and implement defensive measures against cyber threats; collaborate with other cybersecurity professionals, law enforcement agencies, and intelligence organizations to share information and coordinate response efforts.

• Provide advice, design, recommend, develop, and implement cloud and hybrid cyber security solutions optimizing the enterprise network security posture

• Investigate computer and information security incidents to determine the extent of compromise to information and automated information systems.

• Perform long-term and time-sensitive in-depth technical analysis of malicious code (malware), developing defensive countermeasures, and producing reports for dissemination.

• Collaborate with the Splunk team to implement, enhance, or change existing use cases; assess scope of malware campaigns and determine necessary remediation actions; conduct remote compromise assessments and producing assessment reports.

Minimum Qualifications: 

• Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field

• 9+ years experience in cloud security analysis, threat detection and response, and implementation of cybersecurity controls across cloud platforms, ensuring compliance with government or industry standards.

• 8570 compliant certifications in IAT Level III, and one of the following relevant certifications- GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Security Professional (CISSP), or Certified Cyber Forensics Professional (CCFP).

• Knowledge and experience with Threat Intel Frameworks (e.g. Cyber Kill Chain, MITRE ATT&CK, Diamond Model)

• Demonstrated experience using EnCase, FTK, and Open-Source methods and tools to perform Computer Forensic investigations

• Experience with Splunk, CrowdStrike Falcon, Security Onion, EnCase, Axiom, FTK, Volatility, Suricata,

• Experience with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc).

Clearance Requirements: 

• Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI.

• The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.

 Physical Requirements: 

• Must be able to remain in a stationary position 50% 

• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer 

• The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.