Cyber Threat Hunt Analyst

Cyber Threat Hunt AnalystUnlock the secrets of intelligence with MANTECH Join a dynamic team at the forefront of national security, providing advanced solutions to government intelligence agencies. Since 1968, we've been solving the toughest challenges with groundbreaking tech. Explore thrilling projects in Digital Transformation, Cybersecurity, IT, Data Analytics and Software Development. Elevate your career and make a difference. Your adventure begins nowunleash your potential with MANTECHMANTECH seeks a skilled and innovative Cyber Threat Hunt Analyst to support our cybersecurity operations in McLean, VA.As a Cyber Threat Hunter, you will be responsible for proactively detecting, investigating, and mitigating cyber threats within our large enterprise environment. Your primary focus will be on hypothesis-based threat hunting utilizing the HMM-4 approach and leveraging the Mitre ATT&CK framework. You will collaborate closely with cross-functional teams, including endpoint, network, offensive, threat intelligence, cloud, and data science experts, to identify, analyze, and respond to emerging threats.Responsibilities include but are not limited to:Conduct proactive threat hunting using the HMM-4 approach and Mitre ATT&CK framework.Develop and refine hypotheses for targeted threat hunts based on threat intelligence, internal data, and analysis of attacker tactics, techniques, and procedures (TTPs).Collaborate with internal teams to collect and analyze security event data from various sources, such as logs, alerts, network traffic, and endpoint telemetry.Utilize cutting-edge tools and technologies to identify indicators of compromise (IOCs) and anomalies that may indicate potential threats.Perform in-depth analysis of identified threats, assess their impact, and recommend appropriate mitigation and response strategies.Document investigative objectives and progress throughout threat hunt. Produce detailed reports and provide clear and concise communication on findings, to include root cause analysis and recommendations for remediation and risk mitigation. Propose enhanced detections where possible defensive gaps are identified.Stay up to date with the latest cyber threats, attack techniques, and security technologies through continuous learning and knowledge sharing.Minimum qualifications:3+ years of experience as a cyber security analyst, incident responder, or other closely related cyber security discipline.Experience and strong proficiency in hypothesis-based hunting (HMM-4), the Mitre ATT&CK matrix, and mapping adversary TTPs to observed activities.Experience and proficiency with SIEM platforms, EDR solutions, network traffic analysis tools, and a deep understanding of cloud environments (AWS, Azure, etc.)Experience problem-solving in high-pressure situations, with the ability to translate complex technical findings for both technical and non-technical audiences.Relevant industry certifications (e.g., GCIH, CTIA, or CThH)Experience with and a solid foundation in network protocols and endpoint security.Preferred qualifications:Bachelors degree in electrical engineering, computer engineering, computer science, or related IT discipline4+ years of experience as a cyber security analyst, incident responder, or other closely related cyber security discipline.Clearance requirements:An active/current TS/SCI with Polygraph clearance is required.Physical requirements:Must be able to remain in a stationary position 50% of the time.Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.Frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at and provide your name and contact information.