Mid-level Cybersecurity Threat Hunter

ManTech seeks a motivated, career and customer-oriented Mid-level Cybersecurity Threat Hunter to join our team in Herndon, VA.

Responsibilities include, but are not limited to:

• Collaborate with incident response teams to investigate, analyze, and remediate identified threats.
• Identify and assess the capabilities and activities of cyber criminals or foreign intelligence entities; design and administer procedures in the organization that sustains the security of the organization’s data and access to its technology and communications systems.
• Identify, deter, monitor, and investigate computer and network intrusions.
• Provide computer forensic support to high technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.
• Monitor and assess complex security devices for patterns and anomalies from raw events (DNS, DHCP, AD, SE logs), tag events for Tier 1 & 2 monitoring.
• Proactively search for and identify cyber threats, including advanced persistent threats (APTs), that could compromise DHS networks and systems.
• Analyze network traffic, system logs, and other data sources to detect anomalies and indicators of compromise (IOCs).

Minimum Qualifications:

• 3+ years of experience in cybersecurity with a focus on threat hunting, threat analysis, or incident response and a Bachelor’s degree in computer science, information technology, cybersecurity, or a related field of study.
• An 8570 compliant certification, such as Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Intrusion Analyst (GCIA), or relevant certifications
• Proficiency with threat hunting tools and platforms (e.g., Splunk, ELK Stack, CrowdStrike, Carbon Black).
• Strong understanding of network protocols, system logs, and security event correlation.
• Experience in analyzing malware, attack vectors, and threat actor TTPs.

Preferred Qualifications:

• A master's degree
• Experience working in a government or defense environment.
• Familiarity with DHS policies and procedures.
• Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001).

Clearance Requirements:

• Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI.
• The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.

Physical Requirements:

• Must be able to be in a stationary position more than 50% of the time 
• Must be able to communicate, converse, and exchange information with peers and senior personnel 
• Constantly operates a computer and other office productivity machinery, such as a computer 
• The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations 
• The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.