ManTech Cyber Defense Solutions

66701-Senior IDS Analyst (Night Shift)
Become an integral part of a diverse team that leads the world in Mission, Cyber, and Intelligence Solutions. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

Responsibilities Include:
The Cyber Business Unit of ManTech MCIS is looking for highly motivated, qualified professionals to fill a Sr. IDS Analyst position in the DC Metro area. A wide range of knowledge and skills are needed. Sr. IDS Analyst will support detection team CERT/SOC operations in performing duties that include IDS event monitoring and analysis, security incident handling, incident reporting, and threat analysis. Candidate will monitor and analyze network traffic, IDS alerts, network and system logs, and available open source information to detect and report threats to customer networks. Analyst will determine appropriate response action(s) required to mitigate risk and provide threat and damage assessment for security threats which may impact the customer networks.
Analyst may also support the Incident Response Team during incident investigations, vulnerability assessments, malware analysis, and the development of new defensive security solutions.

Required Qualifications:
05-07 years w/Bachelors Degree, 02-04 years w/Masters Degree or equivalent of relevant experience, i.e.common Intrusion Detection Systems, virus and malware behavior, and intrusion methodologies.

Key words: Intrusion detection, malware analysis,
incident handling

Security Requirements:
Active Top Secret clearance with SCI eligibility

64558 Sr. Systems Administrator: SCOM/SCCM
Maintains data files and control procedures for a complex system of networked computers or for a single group of microcomputers linked to a host workstation, or mainframe. Responsible for system security and data integrity. Assigns passwords and monitors use of resources, backs up files as required and responds to management requests for information. Provides technical guidance to lesser-experienced systems administrators.
• Perform systems support within a Windows 7 environment running in VMware environment, and Microsoft Server 2008R2 or 2012
• Expertise in installing, configuring, administering and troubleshooting of System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM), and other MS Windows management products.
• Perform operations and support activities. Assists with service administration, evaluate changes for operational impact, and prepare recommendations for system improvement. Debug performance management hardware and network issues.
• Manage and execute SCCM, SCOM agents, SCOM console and other performance management tools.
• Using SCCM perform remote administration, patch management, and software distribution
Provide SCOM integration support with other systems to include Exchange 2010, Compellent, MS-SQL, Remedy Incident /Problem Management. Provide recommendations to improve monitoring environment and assist in the definition of alert thresholds.
Administer relational databases, window services, network components, and storage devices with demonstrated work utilizing Microsoft SQL Server 2008. Under general direction, provide technical expertise in the design, implementation, operation and maintenance of database management systems.
Evaluates and recommends available DBMS products after matching requirements with system capabilities. Plans, recommends, and performs changes.
Previous responsibilities for providing customer support. Perform day-to-day database maintenance tasks including health monitoring, backups & restores, space management, resource utilization, and index & data management. Proficiency with Administering Windows Server, MSSQLServer, SQL, and scripting (PowerShell, AutoIT preferred)Experience working with IT service management toolset with demonstrated work using BMC Remedy
Willingness to learn new technologies and maintain industry knowledge. Excellent communication and interpersonal skills

64832 Information Assurance Officer (IAO)
Become an integral part of a diverse team that leads the world in Mission, Cyber, and Intelligence Solutions. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.
As the Information Assurance Officer, you will Support the organization Security Manager by:
(1) Ensuring all Information Systems (IS) are certified and accredited in compliance with DoD, SAP, and SCI security requirements; (2) Ensuring each network or system is operated and maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Authorization Accreditation (SSAA); (3) Ensuring all users have the requisite security clearance, authorization, and need-to-know, and are aware of their security responsibilities before granting access to Information System (IS); (4) Ensuring Audit Reviews and risk assessments are conducted periodically for each network or system to identify specific areas that require safeguards against deliberate or inadvertent unauthorized disclosure, modification, destruction of information, denial of service, and unauthorized use of IS. Initiate approval of IAM for protective and corrective measures when vulnerabilities are discovered; (5) Ensuring all security-related incidents are reported to the Information Assurance Manager (IAM); (6) Creating IS records and maintaining documentation for each network/system; (7) Develop and maintain SSP and related documentation; (8) Ensure configuration management for security related s/w, h/w and firmware is maintained and developed; (9) Ensure systems recovery process monitoring and ensure security features reinstated; (10) Document system access and correlate system events to authorized personnel; (11) Formally notify IAM and DAA when systems are no longer used to process intel or SAP info; (12) Notify IAM when system changes occur that effect accreditation; (13) Ensure that system security is implemented during all phases of system life-cycle; and (14) Follow evaluation and authorization process for h/w, s/w and firmware before importing onto system;
Position Requirements:
• Must be knowledgeable of the Department of Defense (DoD), Director Central Intelligence Directive (DCID), Joint Air Force, Army and Navy (JAFAN) compliance guidance.
• A minimum of 2 years experience in Information System Security.
• Working knowledge of IT systems function, security policies, technical security safeguards and operations security measures.
Security Requirements: U.S. Citizenship and an active DoD TS/SCI clearance based upon a SSBI completed within the last 5 years. Must be willing to submit to an initial and random polygraph.
Keywords: Information Assurance, JAFAN, SAP

64832 – Information Assurance Officer (IAO)
(1) Ensuring all Information Systems (IS) are certified and accredited in compliance with DoD, SAP, and SCI
security requirements; (2) Ensuring each network or
system is operated and maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Authorization
Accreditation (SSAA); (3) Ensuring all users have the requisite security clearance, authorization, and need-to-know, and are aware of their security responsibilities
before granting access to Information System (IS); (4) Ensuring Audit Reviews and risk assessments are
conducted periodically for each network or system to identify specific areas that require safeguards against
deliberate or inadvertent unauthorized disclosure,
modification, destruction of information, denial of service, and unauthorized use of IS. Initiate approval of IAM for protective and corrective measures when vulnerabilities are discovered.
Required Qualifications:
-Must be knowledgeable of the Department of Defense (DoD), Director Central Intelligence Directive (DCID), Joint Air Force, Army and Navy (JAFAN) compliance
guidance.
-A minimum of 2 years experience in Information System
Security.
-Working knowledge of IT systems function, security
policies, technical security safeguards and operations security Measures.
Security Requirements:
U.S. Citizenship and an active DoD TS/SCI
clearance based upon a SSBI completed within the last 5 years. Must be willing to submit to an initial and random polygraph.

61730-Senior Cyber Threat Analyst/Reverse Engineer
The Cyber Defense Solutions BU of ManTech MCTS is looking for a highly motivated, qualified professional to fill a Cyber Threat Analyst / Reverse Engineering position in Washington, DC.
As the Cyber Threat Analyst/Reverse Engineer, you will conduct research, binary analysis and reverse engineering of suspicious and malicious software to determine functionality, complexity, and impact of its implementation on victim/compromised systems of interest. You will also provide periodic updates
documenting the results of this research. In this role, you will be required to provide analysis of packet capture data and netflow data to recover malicious activity, commands/passwords; as well as identify software programs used, identify communication recipients, provide clear text chat conversations, and identify number of users on victim systems. You will also then provide periodic updates documenting the results of this analysis.
In this role, you will analyze and recover encrypted and plaintext passwords or secure keys, identify software programs, hidden rootkits activity, hidden or clear network traffic information, active registry hives, specific command lines, and other system activity. You will also provide intrusion analysis to determine who, what, when and how intrusions occurred.
As the Cyber Threat Analyst, you will provide research and analysis of complex national level cyber security breaches for our Federal customer. You will also be responsible for linking and correlating digital information, such as, threat data (Victim/Source Internet Protocol (IP) addresses, Uniform Resource Locators (URL), malicious software), actor contacts or personal data, system logs, obtained from single or multiple sources and develop correlation associations.
Required Qualifications:
5+ years experience in analysis on cyber intrusions, providing the detailed results of research, technical examination, and recommendations, including network and digital forensics and malicious code reverse engineering (RE). With a total of Eight (8) years of increasing responsibilities in Information Assurance.
Security Requirements:
Active TS/SCI with Poly

59136-Information Assurance Officer (IAO)
Become an integral part of a diverse team that leads the world in Mission, Cyber, and Intelligence Solutions. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

As the Information Assurance Officer, you will Support the organization Security Manager by:

(1) Ensuring all Information Systems (IS) are certified and accredited in compliance with DoD, SAP, and SCI security requirements; (2) Ensuring each network or system is operated and maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Authorization Accreditation (SSAA); (3) Ensuring all users have the requisite security clearance, authorization, and need-to-know, and are aware of their security responsibilities before granting access to Information System (IS); (4) Ensuring Audit Reviews and risk assessments are conducted periodically for each network or system to identify specific areas that require safeguards against deliberate or inadvertent unauthorized disclosure, modification, destruction of information, denial of service, and unauthorized use of IS. Initiate approval of IAM for protective and corrective measures when vulnerabilities are discovered; (5) Ensuring all security-related incidents are reported to the Information Assurance Manager (IAM); (6) Creating IS records and maintaining documentation for each network/system; (7) Develop and maintain SSP and related documentation; (8) Ensure configuration management for security related s/w, h/w and firmware is maintained and developed; (9) Ensure systems recovery process monitoring and ensure security features reinstated; (10) Document system access and correlate system events to authorized personnel; (11) Formally notify IAM and DAA when systems are no longer used to process intel or SAP info; (12) Notify IAM when system changes occur that effect accreditation; (13) Ensure that system security is implemented during all phases of system life-cycle; and (14) Follow evaluation and authorization process for h/w, s/w and firmware before importing onto system;

Position Requirements:

• Must be knowledgeable of the Department of Defense (DoD), Director Central Intelligence Directive (DCID), Joint Air Force, Army and Navy (JAFAN) compliance guidance.

• A minimum of 2 years experience in Information System Security.

• Working knowledge of IT systems function, security policies, technical security safeguards and operations security measures.

Security Requirements: U.S. Citizenship and an active DoD TS/SCI clearance based upon a SSBI completed within the last 5 years. Must be willing to submit to an initial and random polygraph.

Keywords: Information Assurance, JAFAN, SAP