, Maryland

All ManTech employees will need to meet the requirements set forth in Executive Order 14042 and the Safer Federal Workforce Task Force Guidance requiring all covered contractor personnel to be fully vaccinated against COVID-19.

Secure our Nation, Ignite your Future

    ManTech provides mission-focused technology solutions and services for U.S. defense, intelligence and federal civilian agencies. In business for more than 52 years, we excel in full-spectrum cyber, data collection & analytics, enterprise IT, and systems and software engineering solutions that support national and homeland security. 

    The Technical Exploitation Support Services team is critical in supporting DoD, Federal, and IC partners’ Global War on Terrorism efforts by providing state of the art technical exploitation and collection capabilities in digital media exploitation triage and automation, advanced technical Media Exploitation (MEDEX), and advanced Mobile Device Exploitation. Activities include digital forensics activities, software reverse engineering, hardware exploitation, parser development, reverse engineering, mobile applications development and engineering, and technical exploitation (collection, transmission, prioritization translation, and analysis and dissemination of materials).

    Currently, ManTech is seeking a Senior Digital Forensics Analyst (SME) specialized in advanced MEDEX and Technical Exploitation capabilities to join our team at the Intelligence Community Campus-Bethesda, MD.

    Responsibilities include, but are not limited to:

    •    Bit-level device acquisition of PC’s, Mac’s, smartphones and other devices.
    •    Expert level knowledge of solutions tracking enemy TTPs and exploiting weaknesses in the use of anti-forensic tools.
    •    Advanced or Expert technical exploitation tool and script development, artifact pattern analysis, exploitation, and cross set link analysis of digital media ranging from dumb phones, smartphones, Mac's, Windows PC's, Linux PC's and other devices.
    •    Advanced Technical Exploitation capabilities to include: Various Operating Systems and file systems, internet history analysis, registry analysis, application analysis, and database analysis. 
    •    Provide expert-level capability in hardware configuration, network/data communications, software development, scripting, and database exploitation.
    •    Researching emerging trends, capabilities, and technology.
    •    Comfortable executing Python scripts, SQL queries, and other CLI commands.
    •    Advanced Technical Exploitation capabilities to include:
    •    Expertise in various operating systems and file systems,
    •    Analysis and exploitation to include pattern recognition and cross set link analysis of forensic artifacts to include but not limited to internet history, registry, applications, virtual machines, backups, databases, and communications such as messaging and social media.
    •    Provide global Technical Exploitation response capabilities to include:
    •    Pattern of life and behavioral analysis through media examinations.
    •    Provide deployable technical exploitation personnel to meet DOD & partner contingency requirements
    •    Provide expert multi-functional exploitation expertise as required
    •    Coordinate with customer operations on technical exploitation platform & training related issues.

    Basic Qualifications:

    •    Bachelor’s degree in Science, Technology, Engineering and Mathematics (STEM) discipline preferred and a minimum of 7 or more years of demonstrated technical exploitation experience and skills such as computer forensics, technical exploitation, reverse engineering, and/or malware analysis.
    •    Industry standard forensic certifications such as: EnCase Certified Examiner (EnCE), AccessData Certified Examiner (ACE), Certified Computer Examiner (CCE), or EC-Council, ISACA, (ISC)2, & GIAC related forensic certifications or obtain a certification within the first 6 months of employment.
    •    Department of Defense (DoD) 8570 Compliant, IAT Level II or ability to obtain within 90 days of employment.
    •    Experience and/or certified in two or more of the following commercial forensic tools: Axiom, EnCase, X-Ways, Blackbag, Physical Analyzer, and Oxygen.
    •    Ability to design, implement and document computer forensics services to include evidence seizure, computer forensic analysis and data recovery.
    •    Ability to convey technical information effectively and concisely to a wide range of audiences to include; presentations, briefing, and technical intelligence reports.
    •    Willing to travel CONUS and/or OCONUS on TDY to include war zones.
    •    Meet CENTCOM physical and physiological deployment requirements to include carrying a weapon, before commencement of work.

    Preferred Qualifications: 

    •    Experience in intelligence reporting, investigations, and/or targeting a plus.
    •    Experience conducting link analysis and Pattern of Life studies.
    •    Experience writing Python scripts and SQL queries preferred.
    •    Experience in cross collection exploitation and analysis to include:
    •    Discovery of applications of interest used across sets by target groups.
    •    Discovery of tactics, techniques, and procedures employed by target groups.
    •    Experience in hardware and/or firmware exploitation.

    Security Clearance Requirements:

    •    Must possess an active TS/SCI clearance with a Counterintelligence (CI) Polygraph or obtain a CI Polygraph before the start date.

    Physical Requirements:

    •    Must be able to remain in a stationary position 50%.
    •    Constantly positions self to maintain computers in the lab, including under the desks and in the server closet.
    •    Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
    •    Must be able to detect, Determine, Perceive, Identify, Recognize, Judge, Observe, Inspect, Estimate, & Assess.
    •    The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.


    For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

    ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

    If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

    If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.

    , Maryland

    ManTech was founded in 1968 to provide advanced technological services to the United States government. We began with a single contract with the U.S. Navy to develop war-gaming models for the submarine community. Over the years, our government's technology needs have increased dramatically in scope and sophistication, and we have grown to meet that challenge.


    For more than 4 decades, we kept a careful eye on where emerging technologies were taking the government, and we developed the resources to master those technologies—by staying close to our customers and anticipating their needs, hiring talented professionals to propel us into the future, and acquiring companies with proven capabilities.


    Today, we are a multi-billion-dollar public company that provides the innovation, adaptability, and critical thinking our government needs for success in defense, intelligence, law enforcement, science, administration, health, and other fields—throughout the nation and in many countries throughout the world. We are now applying the lessons learned in the unforgiving arena of national security to help the private sector protect networks and critical information.

    Similar jobs