Network Operations Security Center Analyst

ManTech

Mississippi

On-site

USD 70,000 - 90,000

Full time

8 days ago

Job summary

A technology solutions provider is seeking a Mid-Level NOSC Analyst in Stennis, MS. The role involves managing a team for network and cybersecurity operations, conducting forensic analysis, and providing incident response. Candidates must have 4+ years of relevant experience, a Bachelor’s degree in a related field, and appropriate security clearance, alongside certifications like Certified Ethical Hacker (CEH). This position demands hands-on experience with monitoring tools and a solid understanding of security incident methodologies.

Qualifications

  • 4+ years of experience in network and/or security operations.
  • Experience with Incident Response and remediation.
  • Hands-on experience with network monitoring and troubleshooting tools.

Responsibilities

  • Provide support analyzing network traffic and log data.
  • Monitor and track network and cybersecurity events.
  • Conduct forensic analysis of security incidents.

Skills

Network traffic analysis
Incident response
Cybersecurity measures implementation
Network monitoring tools proficiency
Scripting languages (Python, PowerShell)
Forensic analysis

Education

Bachelor of Science in Information Security
DoD 8570 Industry Related Certification

Tools

Splunk
HBSS
Nessus

Job description

ManTech seeks a motivated, career and customer-oriented Mid-Level NOSC Analyst to join our team in Stennis, MS.

Overview

In this role you will provide daily management and oversight to a team of up to 40+ operators providing support for network, cybersecurity and cloud operations and incident management on a 24x7x365 basis. You will provide advanced network monitoring, incident response, and system troubleshooting to ensure mission-critical IT infrastructure remains secure and operational. You will analyze escalated issues, coordinate with cross-functional teams to resolve network and security incidents, and support the implementation of cybersecurity measures in alignment with policies and standards.

Responsibilities
  • Provide support analyzing network traffic and various log data to determine the status and/or threat/impact against the network, recommending appropriate countermeasures, facilitating the tracking, handling, and reporting of all network and cyber events and computer incidents.
  • Monitor, detect, scan, record, audit, analyze, report, remedy, coordinate, and track network and cyber security related events for customer networks, infrastructure, and endpoints.
  • Conduct forensic analysis and detailed investigations of security incidents to determine the root cause and extent of compromise, resolve the issue, and develop and implement lessons learned to improve support.
  • Document analysis, findings, and actions in a case/knowledge management system.
  • Provide guidance and support to other team members, including coaching and knowledge sharing to enhance their technical skills.
  • Support senior-level NOSC personnel with the creation and distribution of incident reports.
  • Participate in vulnerability assessments and penetration testing activities to identify and address potential security weaknesses.
Minimum Qualifications
  • 4+ years of related experience with network and/or security operations to include, but not limited to, Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or Network Operations Center (NOC), Security Operations Center (SOC), or Network Operations Security Center (NOSC).
  • Bachelor of Science degree in Information Security, Computer Science, or related field and a minimum of six months' experience (or equivalent experience) in one or more of the following areas: network and infrastructure operations & maintenance (O&M); computer network penetration testing/techniques; computer evidence seizure, computer forensic analysis, data recovery; computer intrusion analysis/incident response, intrusion detection; computer network surveillance/monitoring; network protocols, network devices.
  • Possess either a Certified Ethical Hacker (CEH) or a GIAC Certified Incident Handler (GCIH) and meet DoD 8570 and/or 8140 Level II or III as required by the government.
  • Experience with Incident Response: identifying, investigating, reporting and remediating.
  • Captures, protects, and retains digital forensic data and information, maintaining proper legal chain of custody for legal and law enforcement activities.
  • Hands-on experience with network monitoring and troubleshooting tools (e.g., Splunk, HBSS, Nessus); researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, and network security and encryption.
  • Proficiency in security incident response methodologies and best practices, familiarity with scripting languages (Python, PowerShell, etc.) for automation and data analysis, and an understanding of cloud platforms and their impact on SOC operations (e.g., AWS, Azure, GCP).
Preferred Qualifications
  • Possess one or more of the following certifications: DoD 8570 Industry Related Certification such as CSSP Analyst, CSSP Infrastructure Support or CSSP Incident Responder, Penetration Testing, GIAC Certified Forensic Examiner (GCFE), GIAC Advanced Smartphone Forensics Certification (GASF).
Clearance Requirements
  • Must have a current/active Top Secret/SCI clearance.
  • The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.
Physical Requirements
  • Must be able to work in an office environment and maneuver in data center and other IT equipment installation locations.
  • Constantly operate a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
  • Ability to lift and carry 75 lbs for distances up to 50 feet.