Computer Security Incident Response Team Analyst

General information

Requisition # R62262 Locations USA-Remote Work Posting Date 08/01/2025 Security Clearance Required Public Trust/Suitability Remote Type Onsite Time Type Full time

Description & Requirements

Transform the future of federal services with MANTECH! Join a vibrant, energetic team committed to enhancing national security and public services through innovative tech. Since 1968, we’ve partnered with Federal Civilian sectors to deliver impactful solutions. Engage in exciting projects in Digital Transformation, Cybersecurity, IT, Data Analytics and more. Ignite your career and drive change. Your journey starts now—innovate and excel with MANTECH!

MANTECH seeks a motivated, career and customer-oriented Computer Security Incident Response Team (CSIRT) Analyst to join our team. This is a remote position.

Responsibilities include but are not limited to:

• Monitor Intrusion Detection/Prevention Systems (IDS/IPS), Endpoint Detection and Response (EDR), and other security event data sources to determine if events should be escalated to incidents.
• Conduct threat hunting and analysis by correlating data from EDR, firewall, and syslog sources; leverage Zero-Trust methodologies and the MITRE ATT&CK framework to identify unauthorized activity.
• Follow all applicable incident response and reporting procedures, documenting incidents in the ticketing system and supporting Computer Security Incident Response Team (CSIRT) leadership deliverables.
• Tune and filter security events, create custom queries and use cases, and manage rules for EDR, Data Loss Prevention (DLP), firewalls, and other security technologies.
• Develop and maintain CSIRT Standard Operating Procedures (SOPs) and Playbooks and utilize case management processes for incident tracking.
• Collaborate with engineering, system administrators, and external entities like the United States Computer Emergency Readiness Team (US-CERT) to coordinate on threats and system maintenance.
• Serve as a point of contact for the CSIRT, responding to the hotline and email, and maintaining proficiency through training and self-study.
   

Minimum Qualifications:

• A minimum of 1year of relevant work experience in incident response, cybersecurity analysis, or computer forensics, or related experience. 
• Demonstrated experience as an analyst in a Security Operations Center (SOC) supporting a Federal Government or large commercial enterprise.
• Demonstrated experience with Incident Handling, including responding to and participating in efforts to remediate incidents.
• Experience with cybersecurity technologies such as IDS, SIEM, etc.
• Strong analytical, problem-solving, interpersonal, organizational, and communication skills and briefing skills.
   

Preferred Qualifications:

• 2+ years of experience in a SOC environment, including responding to incidents and working with packet capture (PCAP) data.
• Working knowledge of tools such as Splunk Enterprise Security (ES), Security Orchestration, Automation and Response (SOAR), and User Behavior Analytics (UBA), as well as CrowdStrike Falcon, JIRA, and ServiceNow.
• 1+ years of hands-on experience with Splunk Enterprise Security.
• 1+ years of experience monitoring cloud environments.
• Splunk Core Certified User
• SANS GIAC Certified Intrusion Analyst (GCIA), or (ISC)² Certified Information Systems Security Professional (CISSP) or other cybersecurity related certifications.
   

Clearance Requirements:

• Must be a U.S. citizen and willing and able to obtain a CFPB Public Trust prior to starting this position.

Physical Requirements:

• Must be able to be in a stationary position more than 50% of the time
• Constantly operates a computer and other office productivity machinery, such as a computer
• The person in this position frequently communicates with co-workers, management and clients, which may involve delivering presentations ad must be able to exchange accurate information in these situations
• The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

The projected compensation range for this position is $78,700.00-$131,100.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, MANTECH invests in its employees beyond just compensation. MANTECH’s benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, short-term and long-term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections.
MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation.
If you need a reasonable accommodation to apply for a position with MANTECH, please email us at [email protected] and provide your name and contact information.