Senior Cyber Incident Detection and Response Analyst

ManTech - Stennis Space Center, MS

posted 4 days ago

Full-time - Senior
Stennis Space Center, MS
Professional, Scientific, and Technical Services

About the position

The Senior Cyber Incident Detection and Response Analyst at ManTech plays a critical role in safeguarding national security by identifying, analyzing, and responding to cybersecurity threats and incidents. This position is integral to the Network Operations Security Center (NOSC) and requires expertise in threat detection, incident response, and cybersecurity best practices. The analyst will work closely with other cybersecurity teams and provide 24/7 support to ensure the protection of DHS infrastructure and data.

Responsibilities

  • Provide 24/7 support for incident data flow and response, content, and remediation.
  • Monitor network traffic and system logs for signs of cyber threats and suspicious activity.
  • Perform the role of Incident Coordinator for IT Security events requiring focused response, containment, investigation, and remediation.
  • Conduct real-time proactive event investigation on various security enforcement systems, such as SIEM, Anti-virus, Firewalls, IDS & IPS, etc.
  • Assist with forensic analysis on hosts supporting investigations.
  • Conduct malware analysis in out-of-band environments, including complex malware.
  • Analyze operational anomalies and perform mitigation actions derived from cyber threat monitoring.
  • Perform quality assurance on Incident Closures.
  • Assist with Knowledge Management - Standard Operating Procedures and procedural support data.
  • Develop and implement detection use cases and signatures to enhance threat identification capabilities.
  • Respond promptly to security incidents, conducting thorough investigations and mitigating threats.
  • Produce comprehensive incident reports, including root cause analysis and recommendations for future prevention.
  • Work closely with other cybersecurity teams, including threat intelligence and vulnerability management.
  • Communicate findings and provide actionable recommendations to management and other relevant parties.
  • Participate in cybersecurity exercises and incident response training to maintain a high state of readiness.
  • Continuously assess and improve incident detection and response processes.
  • Provide training and guidance to junior analysts and other team members.

Requirements

  • An 8570 compliant certification
  • One of the following relevant certifications: CISSP, GCIH, CISM, CEH
  • A bachelor's degree in computer science, information technology, cybersecurity, or a related field (or equivalent experience)
  • A minimum of 10 years of experience in cybersecurity, focusing on incident detection and response
  • Proficiency with SIEM tools (e.g., Splunk, ArcSight)
  • Experience with IDS/IPS, EDR tools, and firewalls
  • Strong understanding of network protocols, operating systems, and security architectures
  • Familiarity with digital forensics tools and techniques.

Nice-to-haves

  • Experience working in a government or defense environment
  • Familiarity with DHS policies and procedures
  • Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001).

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service