ManTech - Stennis Space Center, MS
posted 2 months ago
Full-time - Senior
Stennis Space Center, MS
Professional, Scientific, and Technical Services
About the position
The Senior Cybersecurity Threat Hunter at ManTech plays a crucial role in protecting national security by investigating and remediating cyber threats. This position involves collaboration with incident response teams, conducting malware analysis, and developing threat hunting methodologies to enhance detection capabilities. The role requires a deep understanding of cybersecurity practices and the ability to analyze complex security data to identify potential threats.
Responsibilities
- Collaborate with incident response teams to investigate, analyze, and remediate identified threats.
- Identify and assess the capabilities and activities of cyber criminals or foreign intelligence entities; design and administer procedures to sustain the security of the organization's data and access to its technology and communications systems.
- Identify, deter, monitor, and investigate computer and network intrusions.
- Provide computer forensic support to high technology investigations, including evidence seizure, forensic analysis, and data recovery.
- Monitor and assess complex security devices for patterns and anomalies from raw events (DNS, DHCP, AD, SE logs).
- Conduct malware analysis in out-of-band environments (static and dynamic), including complex malware.
- Proactively search for and identify cyber threats, including advanced persistent threats (APTs), that could compromise DHS networks and systems.
- Analyze network traffic, system logs, and other data sources to detect anomalies and indicators of compromise (IOCs).
- Develop and implement threat hunting methodologies, techniques, and tools to improve detection capabilities.
- Create and refine threat detection use cases and correlation rules within SIEM and other security tools.
- Conduct detailed analysis of malicious code, attack vectors, and threat actor tactics, techniques, and procedures (TTPs).
- Prepare detailed threat reports and briefings for technical and non-technical stakeholders.
- Stay current with the latest cyber threat intelligence, trends, and technologies.
- Provide expert guidance and training to junior analysts and other DHS staff on threat hunting techniques and best practices.
Requirements
- An 8570 compliant certification, such as CISSP, GCIH, GCFA, GCIA, or relevant certifications.
- A bachelor's degree in computer science, information technology, cybersecurity, or a related field.
- A minimum of 12 years of experience in cybersecurity with a focus on threat hunting, threat analysis, or incident response.
- Proficiency with threat hunting tools and platforms (e.g., Splunk, ELK Stack, CrowdStrike, Carbon Black).
- Strong understanding of network protocols, system logs, and security event correlation.
- Experience in analyzing malware, attack vectors, and threat actor TTPs.
Nice-to-haves
- A master's degree.
- Experience working in a government or defense environment.
- Familiarity with DHS policies and procedures.
- Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001).
