Cyber Security Forensics Analyst with Security Clearance

You will need to login before you can apply for a job.

ManTech is seeking a motivated, career- and customer-oriented Cyber Security Forensics Analyst to join our team in the DC, Maryland, and Virginia (Northern) DMV area. In this role, you will be responsible for conducting advanced digital forensics investigations, analyzing cyber threats, and developing strategies to mitigate risks.

This role requires a deep understanding of cyber forensics, the MITRE ATT&CK framework, and the MITRE D3FEND framework. Responsibilities include but are not limited to:

1. Leading and conducting complex digital forensics investigations, including data recovery, analysis, and reporting.
2. Developing briefings and reports for contract and government leadership and other stakeholders as required.
3. Utilizing the MITRE ATT&CK framework and other techniques to identify, assess, and address cyber threats and vulnerabilities.
4. Applying the MITRE D3FEND framework to develop and implement defensive measures against cyber threats.
5. Collaborating with cybersecurity professionals, network teams, law enforcement, and intelligence agencies to share information and coordinate responses.
6. Analyzing cyber activities to identify entities of interest, malicious behaviors, and patterns.
7. Conducting technical analysis on target systems and networks to identify vulnerabilities and support exploitation techniques.
8. Investigating security incidents to determine the extent of compromise.
9. Performing malware analysis, including dynamic, static, and dead-box techniques.
10. Assessing malware campaigns and recommending remediation actions.
11. Developing and maintaining SOPs and ROE templates.

Minimum Qualifications:

• 9+ years of experience in cybersecurity, incident response, or forensic investigations, including malware analysis.
• Bachelor's degree in computer science, engineering, information technology, cybersecurity, or a related field.
• 8570 compliant certifications in IAT Level III.
• Relevant certifications such as GIAC GCFA, CISSP, or CCFP.
• Knowledge of Threat Intel Frameworks like Cyber Kill Chain, MITRE ATT&CK, and Diamond Model.
• Experience with EnCase, FTK, open-source forensic tools, and network security devices.

Clearance Requirements:

• Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI clearance.
• Must be able to obtain and maintain DHS EOD suitability prior to starting.

Physical Requirements:

• Ability to remain stationary for extended periods.
• Occasional movement within the office to access files and equipment.
• Constant operation of a computer and office machinery.
• Effective communication with coworkers, management, and customers, including delivering presentations.