Cyber Security Forensics Analyst with Security Clearance
Company: ManTech International
Location: Herndon, VA 20170
Description:
ManTech seeks a motivated, career and customer-oriented Cyber Security Forensics Analyst to join our team in the DC, Maryland, and Virginia (Northern) DMV area. In this role you will be responsible for conducting advanced digital forensics investigations, analyzing cyber threats, and developing strategies to mitigate risks. This role requires a deep understanding of cyber forensics, the MITRE ATT&CK framework, and the MITRE D3FEND framework.
Responsibilities include but are not limited to:
* Lead and conduct complex digital forensics investigations, including data recovery, analysis, and reporting; develop briefings and reports, providing briefings to contract and government leadership and others as requested/required.
* Utilize the MITRE ATT&CK framework and other techniques to identify, assess, and address cyber threats and vulnerabilities; apply the MITRE D3FEND framework to develop and implement defensive measures against cyber threats.
* Collaborate with other cybersecurity professionals, cybersecurity and network teams, law enforcement agencies, and intelligence organizations to share information and coordinate response efforts.
* Analyze cyber activities to identify entities of interest, determine malicious behavior, and recognize patterns and linkages; conduct technical analysis against target systems and networks, identify vulnerabilities, and support the development of new exploitation techniques.
* Investigate computer and information security incidents to determine the extent of compromise to information and automated information systems; conduct dynamic malware analysis and perform memory and dead-box forensics; assess the scope of malware campaigns and determine necessary remediation actions.
* Perform long-term and time-sensitive in-depth technical analysis of malicious code (malware), developing defensive countermeasures, and producing reports for dissemination.
* Using static and dynamic methodologies for malware analysis, such as debuggers, disassemblers, and sandbox execution. Develop and maintain standard operating procedures (SOPs) and rules of engagement (ROE) templates.
Minimum Qualifications:
* 9+ years of progressively responsible experience in cyber security, incident response, or forensic investigations including malware analysis and a Bachelor's degree in computer science, engineering, information technology, cybersecurity, or related field of study
* An 8570-compliant certification in IAT Level III
* One of the following relevant certifications: GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Security Professional (CISSP), or Certified Cyber Forensics Professional (CCFP)
* Knowledge and experience with Threat Intel Frameworks (e.g. Cyber Kill Chain, MITRE ATT&CK, Diamond Model)
* Demonstrated experience using EnCase, FTK, and open-source methods and tools to perform computer forensic investigations
* Experience with Splunk, CrowdStrike Falcon, Security Onion, EnCase, Axiom,
* Experience with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc.).
Clearance Requirements:
* Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI.
* The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.
Physical Requirements:
* Must be able to remain in a stationary position for extended periods of time.
* Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
* Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.
* The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.