Security Operations Center Analyst

ManTech

Herndon (VA)

On-site

USD 80,000 - 110,000

Full time

9 days ago

Job summary

A leading company in the cybersecurity domain seeks a motivated Security Operations Center Analyst to provide thorough threat analysis and incident response within the DMV area. The role involves monitoring security threats, analyzing incidents using advanced tools, and collaborating with other cybersecurity experts to enhance overall security posture. Candidates should possess strong analytical skills and relevant experience in cybersecurity, along with necessary technical certifications.

Qualifications

  • 3+ years of experience in cybersecurity focusing on incident detection and response.
  • DoD 8570-compliant certification (e.g., CISSP or GCIH) required.
  • Proficiency in SIEM tools like Splunk or ArcSight.

Responsibilities

  • Monitor network traffic and system logs for signs of cyber threats.
  • Provide 24/7 support for incident data flow and response.
  • Conduct thorough investigations and produce comprehensive incident reports.

Skills

Incident detection and response
Cyber threat analysis
Malware analysis
Network monitoring
Cybersecurity frameworks

Education

Bachelor’s degree in Computer Science, Information Technology, or Cybersecurity

Tools

SIEM tools
Intrusion detection/prevention systems (IDS/IPS)
Endpoint detection and response (EDR) tools
Digital forensics tools

Job description

**ManTech** seeks a motivated, career- and customer-oriented **Security Operations Center Analyst** to join our team in the **DC, Maryland, and Virginia (DMV) area**.

The successful candidate will provide cyber threat analysis and reporting to support SOC and NOSC situational awareness. In this role you will actively monitor security threats and risks, track investigation results and report on findings. You will monitor security tools to review and analyze pre-defined events indicative of incidents and provide first-tier response to security incidents; monitor network traffic for security events and perform triage analysis to identify security incidents; and respond to computer security incidents.

**Responsibilities include, but are not limited to:**

+ Provide 24/7 support for incident data flow and response, content, and remediation, and interface with other incident response centers to maintain an understanding of threats, vulnerabilities, and exploits that could impact networks and assets.

+ Monitor network traffic and system logs for signs of cyber threats and suspicious activity.

+ Perform the role of Incident Coordinator for IT Security events requiring focused response, containment, investigation, and remediation.

+ Perform real-time proactive event investigation on various security enforcement systems, such as SIEM, Anti-virus, Internet content filtering/reporting, malcode prevention, Firewalls, IDS & IPS, Web security, antispam, etc.

+ Conduct malware analysis in an out-of-band environment (static and dynamic), including complex malware; assist with forensic analysis on hosts supporting investigations.

+ Analyze operational anomalies and network behavior, perform mitigation actions derived from cyber threat monitoring and anomaly analysis, and actively monitor the networks for cybersecurity threats and vulnerabilities; develop and implement detection use cases and signatures to enhance threat identification capabilities.

+ Respond promptly to security incidents, conducting thorough investigations and mitigating threats; produce comprehensive incident reports, including root cause analysis and recommendations for future prevention; work closely with other cybersecurity teams, including threat intelligence, vulnerability management, and risk assessment.
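To make "develop and implement detection use cases" concrete, here is an added example (not ManTech's code, and not part of the original posting) of the kind of SIEM-style use case a SOC analyst writes: a successful SSH logon preceded by a burst of failed logons from the same source. The log lines, the threshold of five failures and the two-minute window are all constructed for illustration.

```python
"""Added example: a minimal detection use case of the kind a SOC analyst
would implement in a SIEM, run here over constructed sshd log lines.
Not ManTech code; the sample data and thresholds are illustrative."""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample auth events (documentation-range IPs, not real data).
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z sshd[2001]: Failed password for admin from 203.0.113.7 port 51122 ssh2
2024-05-01T10:00:03Z sshd[2001]: Failed password for admin from 203.0.113.7 port 51123 ssh2
2024-05-01T10:00:04Z sshd[2001]: Failed password for root from 203.0.113.7 port 51124 ssh2
2024-05-01T10:00:06Z sshd[2001]: Failed password for admin from 203.0.113.7 port 51125 ssh2
2024-05-01T10:00:08Z sshd[2001]: Failed password for admin from 203.0.113.7 port 51126 ssh2
2024-05-01T10:00:11Z sshd[2001]: Accepted password for admin from 203.0.113.7 port 51127 ssh2
2024-05-01T10:05:00Z sshd[2002]: Failed password for bob from 198.51.100.9 port 40000 ssh2
2024-05-01T10:05:30Z sshd[2002]: Accepted password for bob from 198.51.100.9 port 40001 ssh2
"""

# Parses the two sshd outcomes the use case cares about; anything else is ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<src>\S+) port \d+ ssh2$"
)


def parse(lines):
    """Turn raw log text into (timestamp, result, user, src) tuples."""
    events = []
    for line in lines.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparsed lines are dropped rather than mis-typed as events
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["result"], m["user"], m["src"]))
    return events


def detect_bruteforce_success(lines, threshold=5, window=timedelta(minutes=2)):
    """Use case: at least `threshold` failed logons from one source IP within
    `window`, followed by an accepted logon from that same source.
    Failures are counted per source regardless of username, so password
    spraying across accounts from one host is caught as well."""
    events = sorted(parse(lines))          # process in time order
    failures = defaultdict(list)           # src -> timestamps of failed logons
    alerts = []
    for ts, result, user, src in events:
        if result == "Failed":
            failures[src].append(ts)
            continue
        recent = [t for t in failures[src] if ts - t <= window]
        if len(recent) >= threshold:
            alerts.append({
                "rule": "ssh_bruteforce_then_success",
                "src": src,
                "user": user,
                "failed_attempts": len(recent),
                "first_failure": recent[0].isoformat(),
                "success_at": ts.isoformat(),
            })
        failures[src].clear()              # a success closes the window for that source
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce_success(SAMPLE_LOGS):
        print(alert)
```

The alert carries the fields a first-tier responder needs for triage (source, account, count, timestamps), and the threshold and window are parameters so the rule can be tuned against the environment's false-positive rate rather than hard-coded.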

**Minimum Qualifications:**

+ Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).

+ 3+ years of experience in cybersecurity, with a focus on incident detection and response.

+ Proficiency with SIEM tools (e.g., Splunk, ArcSight).

+ Experience with intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR) tools, and firewalls.

+ Strong understanding of network protocols, operating systems, and security architectures.

+ Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001); familiarity with digital forensics tools and techniques.

+ DoD 8570-compliant certification, including one of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH)

**Preferred Qualifications:**

+ Experience working in a government or defense environment.

+ Familiarity with DHS policies and procedures.

+ Proficiency in programming languages such as Python, Java, C++, and scripting languages relevant to security operations (e.g., Bash, PowerShell).

**Clearance Requirements:**

+ Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI.

+ The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.

**Physical Requirements:**

+ Must be able to remain in a stationary position 50% of the time

+ Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer

+ The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at careers@mantech.com and provide your name and contact information.
