Computer Network Defense (CND) Analyst

Secure our Nation, Ignite your Future Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement. Currently, ManTech is seeking a motivated, career and customer-oriented Computer Network Defense (CND) Analyst to join our team in San Antonio, TX, with hybrid work options. Responsibilities include, but are not limited to: Configure, monitor, and analyze data, logs, alerts, and signatures on Splunk and/or Elasticsearch, Logstash, Kibana (ELK) Security Information and Event Management (SIEM) systems. Continuously monitor the system by performing log management functions to review host, network, and firewall logs to inspect events that occur within the operational environment. Implement detection methods by tuning and configuring Splunk and intrusion detection system signatures to automate continuous monitoring of the network infrastructure. Utilize security technologies such as host-based intrusion detection systems (OSSEC) and/or network-based intrusion detection systems (Snort/Suricata/Zeek) to identify anomalies, unauthorized users, malicious activity, vulnerabilities, and policy violations. Utilize available resources such as all-source analysis to develop and/or modify existing detection techniques to reflect current and emerging cyber threats. Participate in Incident Response and post-mortem analysis activities to assist in determining the extent of damage and impact minimization requirements to improve continuous operations. Responsible for triage and escalation during an incident response upon recognition of an event. Employ the Plan, Brief, Execute, and Debrief (PBED) methodology. Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to defensive cyberspace operations. Basic Qualifications: At least 7 years of experience and a Bachelors Degree Possess proficiency in Splunk® Search Processing Language (SPL) and Regular Expressions (Regex). Demonstrated experience and knowledge of analytical tools developed for intelligence, threat analysis, and SIGINT metadata analysis. Demonstrated knowledge of TCP/IP networking/the 7 Layer Open Systems Interconnection model and apply this knowledge through packet capture tools such as Wireshark®. Demonstrated knowledge of *nix and Windows to perform log analysis and logging configuration. DOD Directive 8570.01 IA Baseline Certification Requirement for IAT Level II or higher in order to enable elevated privileges. See the IA Baseline Certification Requirements table for IAT Levels at: https://www.imgva.com/8570-requirements Minimum training standard will be Network and Certified Ethical Hacker certifications. Security Clearance Requirements: Active Top Secret clearance with SCI eligibility Physical Requirements: Able to be in a stationary position more than 50% of the time. Able to communicate, converse, and exchange information with peers and senior personnel. Constantly operates a computer and other office productivity machinery, such as a computer. For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone. ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law. If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information. Why ManTech? This is why! When you apply for a job at ManTech, you are taking the first step toward a new adventure. Trailblazing technology, incredible professional development and the opportunity to serve our nation. All while Securing the Future®. ManTech provides mission-focused technology solutions and services for U.S. defense, intelligence and federal civilian agencies. In business for more than 52 years, we excel in full-spectrum cyber, data collection & analytics, enterprise IT, and systems and software engineering solutions that support national and homeland security. More than 9,300 talented professionals around the globe make up the ManTech family and nearly half are veterans. As a ManTech employee, you will work for a winning team alongside colleagues that support and inspire you. You will also have access to tuition assistance, partnerships with universities and institutions, professional groups that comprise our Communities of Practice, community service opportunities, Technical Recognition Awards, Career Enablement/Mobility programs and so much more. What are you waiting for? Click “Apply” and start your adventure today.