Intermediate Cyber Forensic Analyst (96111BR)

  • ManTech International
  • USA, ALABAMA Huntsville
  • 02/26/2018

Job Description

USA, ALABAMA Huntsville
Full-Time
Security Clearance: TS/SCI

Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career- and customer-oriented Intermediate Cyber Forensic Specialist to join our team in Huntsville, AL to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.

A qualified candidate will be responsible for duties including, but not limited to, the following:

  • Conduct activities to deter unauthorized persons from obtaining sensitive or classified information from networks and information technology (IT) devices.
  • Conduct digital forensic examinations in support of potential CI incidents, cyber incidents, and suspected intrusions to determine FIE involvement pursuant to DoD Instruction O-5240.21, and support to security incidents to determine the presence of classified or sensitive information on digital media. Will assist with the preparation of the cyber forensic laboratory reports.
  • Conduct analysis of information technology auditing and monitoring logs provided by the customer to detect and identify CI insider threat indicators pursuant to Enclosure 3, DoD Instruction S-5240.23. Will notify the customer's Computer Incident Response Team of Computer Network Defense issues and concerns.
  • Conduct cyber activities in support of flight test events, conferences, and off-site meetings, or other activities, to detect unauthorized WiFi connections and potential FIE activities targeting IT networks or devices.
  • Conduct Cyber Threat Awareness training pursuant to DoD Instruction 5240.26. A candidate will develop and publish cyber threat awareness bulletins and pamphlets and conduct periodic briefings to increase workforce awareness of cyber threats and associated mitigation strategies or remedies.
  • Become the operational liaison, attend working groups and other cyber threat related meetings with national and DoD cyber intelligence threat communities to maintain awareness of current and emerging FIE cyber threats targeting the networks. Submit liaison contact reports and meeting notes to the customer. In addition, a qualified candidate will assist in developing procedures and proactive initiatives to detect, identify, and mitigate FIE activities targeting administrative and fire control networks.
  • Expand the existing Cyber and CI Research Network infrastructure to facilitate remote access from any physical EIX location pursuant to Enclosure 3, DoD Instruction S-5240.23.
  • Assist in the management and operation of the CI Cyber Lab. Maintain the schedule for use of the Cyber Lab, which includes coordinating technical and analytic tasks within the Cyber Lab; maintain the Cyber Lab Standard Operating Procedure.
  • Assist in management and operation of the Joint Cyber Collaboration Center. Participate in advanced analysis, discussions, and decision recommendations with CERT, Insider Threat, and EIX leadership to determine proper courses of action based on active and past cyber anomalies.
  • Implement a professional cyber education path to ensure that, at a minimum, certified cyber forensics specialists performing forensic laboratory support tasks attend the following training courses: SANS Institute's Course FOR610, Reverse Engineering Malware Tools and Techniques; FOR526, Memory Forensics In-depth; Cyber Security and Forensics Analysis; FOR408 Windows Forensic Analysis; Encase On-demand Computer Forensics; Cisco Entry-Level Technician; Cellebrite Mobile Forensics Fundamentals; Certified Logical Operator; Physical Analyst; and Mobile Examiner.

Candidates are expected to bring expert-level knowledge in Computer Forensics in some or all of the subject areas below:

Forensic examinations of diverse Digital Media to include:

  • Digital forensic examinations.
  • File system forensics.
  • Registry and Internet history analysis.
  • Steganography detection and analysis.
  • Large data set analysis and Target Keyword search.
  • Forensic tool and script development.
  • Metadata extraction and analysis.

Familiarity with the following classes of enterprise cyber defense technologies:

  • Security Information and Event Management (SIEM) systems.
  • Network and host-based Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
  • Network and host-based sensor and firewall technologies.
  • Network and host-based malware detection and prevention.
  • Network and host-based forensic applications.
  • Web/e-mail gateway security technologies.

Network forensics and analysis:

  • Generating forensic reports of interest to customers.
  • Coordinate, develop and promulgate forensic and technical collection standards for the customer.
  • Provide technical support for federated partners, internal customer, and deployed platforms.
  • Provide global (deployable) technical collection response capabilities, as required.
  • Plan, integrate and execute full-spectrum technical collection plans, exercises, training and operations as required.

Security Clearance Requirement: Active/current TS/SCI clearance is required.

See Qualifications / Position Requirements:

  • BA/BS required in related field with 4 years of relevant experience or 6 years of relevant specialized experience and/or military related or MA/MS from an accredited institution of higher learning in related field will be considered equal to 2 years of relevant experience.
  • Capable of providing hands-on experience with network security, network analysis, and digital/computer forensics.
  • Capable of applying analytical principles and practices, research and technical support in the development and production of a forensics laboratory for CI activities.
  • Must be able to perform the outlined duties and responsibilities.
  • Capable of working independently to solve problems.
  • Must possess excellent oral and written communication skills.
  • Must be formally trained to USD/I approved standards.

ManTech International Corporation is comprised of approximately 7,300 talented employees who use advanced technology to help government and industry meet some of their greatest challenges around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Nearly half our employees have a military background, and approximately 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, health, space, and intelligence communities, we hold nearly 1,100 active contracts with more than 50 different government agencies.