Description & Requirements
ManTech is seeking a motivated, career and customer-oriented Threat Intelligence Analyst to join our team in Ft. Meade, MD.
Responsibilities include but are not limited to:
Reviews and assesses raw NetFlow data and identifies any malicious cyber activity directed towards any agency customer entity or partnered organizations.
Process and enrich information to ensure timely, actionable, high-confidence IOCs are ingested and shared with key stakeholders.
Aid/guide cyber analysts in threat hunting as well as counterintelligence operations.
Perform cyber intelligence analysis and develop raw intelligence products derived from intelligence reporting, open-source data, and information housed in a custom, classified system based on a proprietary configuration to support investigations, operations, and intelligence production.
They understand advanced cyber threats, threat vectors, and attack methodology and how they tie into the Cyber Kill Chain or ATT&CK framework, Diamond Model, etc.
Report on underlying patterns of behavior by conducting detailed analysis of incidents, threats, and risks and associated impacts and consequences, vulnerabilities, tactics, techniques, and procedures (TTP), and other malicious and non-malicious indicators.
Analyze network and host activity in successful and unsuccessful intrusions by advanced attackers.
Provide host-based security system (HBSS) support for the implementation, testing, integration, interoperability, and sustainment of information technologies comprising the TDL SOC environment, encompassing multiple customer multi-level domains.
Managing, deploying, and troubleshooting HBSS clients and configures, operates, and maintains mandated HBSS components for Windows, Solaris, and Linux systems.
Identifying threats to information systems and producing quality intelligence reporting.
Supervises, and mentor's subordinate projects and Innovation Collaborative (IIC) staff.
Collaborate and work with other Threat Intelligence Analyst IIIs.
Basic Qualifications:
DoD 8570.01-m IAT Level III or CSSP-SPM.
Bachelor’s degree in an IT related field
5 years of position relevant experience.
Experience utilizing managed attribution accounts; can identify intelligence gaps, specify collection requirements to fill gaps, and develop analytical tools and methodologies to cope with the gaps; technical understanding in some of the following areas: network communication using TCP/IP protocols, basic understanding of malware (malware communication installation or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection); can identify/prioritize relevant collection requirements/gaps in response to supply chain threats to the federal agency customers and key stakeholders.
Preferred Qualifications:
Proficient with federal agency analytical writing tradecraft.
Industry standard certifications such as CEH Certification, Security +CE, or GIAC Cyber Threat Intelligence (GCTI).
Experience in Publicly Available Information (PAI) analysis.
Experience with general academic databases and scientific journals and repositories.
Clearance Requirements:
Must have a current/active TS/SCI with the ability to obtain and maintain a Polygraph.
Physical Requirements:
Must be able to be in a stationary position more than 50% of the time
Must be able to communicate, converse, and exchange information with peers and senior personnel
Constantly operates a computer and other office productivity machinery, such as a computer
#cyber1234