Technical Info Security Analyst

company banner
ManTech Advanced Systems International
Analysis, Analyst, Android, Application Servers, Architecture, Automated, Browsers, Cisco, Database, Data Collection, Hardware, iOS, Linux, Management, MySQL, mysql, Networking, Oracle, Programming, Security, Solaris, Testing, VMware, Windows, Windows 7, Wireless
Full Time, Full Time
Telecommuting not available Travel not required

Job Description

Technical Info Security Analyst
Public Trust

Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation’s most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.

Become an integral part of a diverse team in the Mission, Cyber and Intelligence Solutions (MCIS) Group.  Currently, ManTech is seeking a motivated, mission oriented Technical Information Security Analyst in San Francisco, CA area, with strong Customer relationships.  At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

The FSS Division provides cyber solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations.  Our customers have high standards, are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customer’s success is driving our growth.

Your role is to help support your client in identifying risks in processes and technologies, and lead improvement initiatives to minimize risk. The ideal candidate for this role will have the ability to blend and utilize their technical, organizational, business, and cyber security skill-sets.  

The preferred candidate will have experience in performing Vulnerability Assessment, Security Control Assessments, and Red Team activities. 

Position Description:

Experience in performing Vulnerability Testing, Security Control Assessments and Red Team activities.

Testing may includes web application assessments, static code review and analysis, mobile (iOS, Android), wireless assessments, SCADA, and infrastructure assessments.

Develop and document security evaluation test plans and procedures.

Provide technical expertise and guidance in developing and supporting business applications to ensure they are deployed securely.

Responsible for aligning industry best security practices and technology solutions with business strategies.

Maintain knowledge of current security tools and industry best practices: tools, techniques, procedures, tactics, attacks and forensics.

Prioritize and manage tasks as needed, on the status of action items and/or results of activities.

Conduct hands-on security testing, analyze test results, document risk, and recommend countermeasures.

Coordinate with other program elements while conducting security testing.

Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing.

Required Skills:

Experience with a wide range of InfoSec vulnerability assessment tools to include Nessus, IP360, Qualys, Appscan, etc.

The ideal candidate MUST have a strong understanding of the following technologies and their security vulnerabilities:

Web Applications and Technologies: advanced understanding of application programming languages, application servers, Web services, and Web browsers. Candidate should also understand the vulnerabilities related to these technologies, as well as security best practices when using them. Candidate should also be able to use automated assessment tools coupled with manual testing techniques to assess these applications.

Networking Technologies: advanced proficiency with various networking skills and technologies, including (but not limited to) Cisco hardware and IOS, firewalls, IDS and IPSs, packet analysis, and high level network architecture fundamentals.

Enterprise Solutions, Storage and Databases: understanding of relational databases, database management systems, enterprise storage solutions, and security concerns specific to these technologies.

Virtualization technologies: advanced experience with VMware products, Microsoft virtualization technologies and/or similar technologies.

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.  Secret Clearance may be required in the future.

Requires Bachelor's degree in (computer engineering, computer science, Information Technology, MIS) or related discipline, and four years's related experience.
Preferred technical experience:

• Proficient in Windows and Linux operating systems

• Working knowledge of nmap scanning (Slow Scans, Service detection, OS detection, namp Scipts)

• Working knowledge of web aplication scanning tools (Burp, Nikto, Zap) and interpreting results.

• Working knowledge of vulnerability scanners (Nexpose, Nessus) and interpreting results.

• Working knowledge of using Nipper (network infrastructure parser) for different network devices and interpreting results.

• Working knowledge of using database scanning tools (Appdetective, Scuba) and interpreting results.

• Ability to complete manual configuration review for different operating system (Linux, Solaris, Windos XP, Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2012) based on the CIS benchmarks

• Ability to complete manual configuration review for different database servers (MySql, MSSQL, Oracle) based on the CIS benchmarks.

• Ability to complete manual configuration review for web application based on the OWASP and NIST guidelines.

• IP360, Qualys, and Appscan a plus.
See Qualifications
See Qualifications
ManTech International Corporation is comprised of approximately 7,300 talented employees who use advanced technology to help government and industry meet some of their greatest challenges around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Nearly half our employees have a military background, and approximately 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, health, space, and intelligence communities; we hold nearly 1,100 active contracts with more than 50 different government agencies.

Company Information

ManTech was founded in 1968 to provide advanced technological services to the United States government. We began with a single contract with the U.S. Navy to develop war-gaming models for the submarine community. Over the years, our government's technology needs have increased dramatically in scope and sophistication, and we have grown to meet that challenge.
Dice Id : 10120503
Position Id : 97866BR

Similar Positions at ManTech Advanced Systems International

Info Security Risk Analyst
  • San Francisco, CA
  • 18 hours ago
Info Security Risk Analyst
  • San Francisco, CA
  • 18 hours ago
Lead Information Security Architect
  • San Francisco, CA
  • 18 hours ago
Lead Information Security Architect
  • San Francisco, CA
  • 18 hours ago
Information Systems Security Officer
  • Sunnyvale, CA
  • 18 hours ago
Information Systems Security Officer
  • Edwards, CA
  • 18 hours ago
Senior Information Security Engineer
  • Washington, DC
  • 18 hours ago
Senior Information Security Officer (ISSO)
  • Arlington, VA
  • 18 hours ago
Info Security Spec Sr Princ
  • Hanover, MD
  • 18 hours ago