• Incident Manager I

    ManTech, Arlington, VA 22212

    Job #1434471625

  • Secure our Nation, Ignite your Future

    Incident Manager I

    Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, you'll help protect our national security while working on innovative projects that offer opportunities for advancement.

    Currently, ManTech is seeking a motivated, career- and customer-oriented Incident Manager I to join our team at the DHS Facility.

    Responsibilities include, but are not limited to:

    • Facilitate and manage onsite incident response efforts as a hunt and incident responder while applying Incident Management process procedures and instructions in accordance with Incident Management Group Concept of Operations (CONOPS).

    • Gather information for the National Cybersecurity & Communications Integration Center (NCCIC), conduct outreach to the Director in response to incidents, and present situational awareness briefings for the community.

    • Set up, coordinate, and perform analysis of incidents; coordinate and provide feedback to customers.

    • Develop and recommend strategies and controls to improve security of corporate and industrial control systems

    • Develop and assess mitigation strategies and security controls to improve security

    • Coordinate incident response efforts with industry associations, Government agencies, and the Intelligence Community (IC)

    • Monitor and review multiple data sources, including intelligence, media, and law enforcement reporting, to identify all cybersecurity incidents, threats, and vulnerabilities

    • Assist in the preparation of communications to inform DHS leadership of emerging threats and associated response activities

    • Provide classified and unclassified cyber risk briefings and activity updates to Federal, State, Local, Tribal, Territorial (SLTT), and Critical Infrastructure community stakeholders.

    • Manage reported incidents by providing a single point of service for incident customer organizations throughout the incident life cycle

    • Develop and assess mitigation strategies and security controls to improve security of both corporate and industrial control system networks.

    • Assist with developing and maintaining Standard Operating Procedures (SOPs).

    • Document technical details of current or potential intruder threats consistent with NIST 800-61r2 Guidelines.

    Required Qualifications:

    • Experience performing incident responses and handling methodologies

    • Experience reporting and submitting formal and informal RFIs

    • Experience conducting incident responses and handling methodologies

    • Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)

    • Experience recognizing and categorizing types of vulnerabilities and associated attacks

    • Knowledge of basic system administration and operating system hardening techniques

    • High School Diploma with at least 3 years' experience in incident management or cybersecurity operations

    • Must be able to work different schedule shifts

    Desired Qualifications:

    • Experience with the NCCIC National Cyber Incident Scoring System; able to prioritize the triage of incidents

    • Experience working with system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

    • Experience maintaining currency of Computer Network Defense threat condition and determining which security issues may have an impact on the enterprise

    • Knowledge of different operational threat environments (e.g., first generation, second generation, and third generation)

    • Track and document Computer Network Defense (CND) incidents from initial detection through final resolution

    • Bachelor's Degree in Computer Science, Cybersecurity, Computer Engineering, or related discipline

    Security Clearance Requirements:

    • TS/SCI

    Physical Requirements:

    • The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, which may involve delivering presentations.

    ManTech International Corporation, as well as its subsidiaries, proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

    If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at ~~~. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

    If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access ~~~ as a result of your disability. To request an accommodation please click ~~~ and provide your name and contact information.