Springfield, Virginia

Secure our Nation, Ignite your Future

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first.  At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career and customer-oriented Incident Response Analyst to join our team in the Northern, Virginia area.

Position Description:

The Incident Response Analyst investigates, analyzes, and responds the cyber incidents within the network environment or enclave. Analyzes digital evidence and investigates computer security incidents to drive useful information in support of system/network vulnerability mitigation. Manage the organization’s Cybersecurity incident response program, including metric development to identify trends and appropriate mitigations.

The Incident Response Analyst shall analyze the existing organizational incident response policy and procedures. Within 60 days of contract award provide a written analysis and any recommendations for government consideration. The format shall be recommended for government approval. Shall draft, maintain, and update incident response policy and procedures upon government request.

The Incident Response Analyst shall track reported cyber incidents. Shall develop an annual compilation of incidents based upon Cybersecurity incident reports upon fiscal year assessments. The compilation shall include a trend analysis and recommendations for mitigations. The format shall be recommended for government approval. The compilation shall be void of system names, system identification numbers, government or contractor locations, and individual names. The draft compilation shall be provided to the government annually by 1 January.

Shall develop metrics associated with reported cyber incidents. The format shall be recommended for government approval. Delivery shall be the first of January, April, July, and October each year.

Shall review cybersecurity incident reports for completeness and accuracy and provide a resolution recommendation to the government within 10 days of submission.

Shall provide initial guidance on mitigating and documenting cyber incidents when reported. Guidance shall be provided via email. The Incident Response Analyst will notify the government verbally of any reported cyber incidents within one hour.

The Incident Response Analyst will investigate cyber incident at the request of the government and document the results of the investigation using the organizational template. Submission of the written report shall be within 10 days of completion of mitigation actions and inquiry.

Draft and/or preliminary documents shall be presented in one of the following electronic formats: Microsoft Office version 2007 compatible (.docx, .xlsx, or .pptx) or the standard Portable Document Format (PDF) format. Final and/or approved format shall be determined by the government; may recommend additional formats.

Travel approximately 10% annually.

Basic Qualifications:

  • Shall have 4 or more years of experience in investigating, analyzing, responding, and documenting cyber incidents.

Desired Qualifications:

  • Experience with handling digital evidence and examination.
  • Experience collecting and reporting metrics associated with cyber incidents.
  • Experience with Information Assurance Vulnerability Messages.
  • Ethical hacker, incident response or digital forensics certification.


  • Bachelor’s Degree from an Accredited University.
  • Shall possess GIAC Security Essentials (GSEC) or Security+ Continuing Education (CE) or Systems Security Certified Practitioner (SSCP) to meet the minimum credential requirements for Cyber IT/Cybersecurity Workforce (CSWF) as outlined in SECNAV M-5239.2.

Security Clearance Requirements:

  • This position will require an active DoD Top Secret with SCI eligibility. The position will require the ability to obtain a CI Poly.

Physical Requirements:

  • Must be able to remain in a stationary position 50%.
  • Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
  • Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
  • Often positions self to maintain computers in the lab, including under the desks and in the server closet.
  • Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
  • May be asked to move Audio/Visual or Computer equipment

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.

Springfield, Virginia

ManTech was founded in 1968 to provide advanced technological services to the United States government. We began with a single contract with the U.S. Navy to develop war-gaming models for the submarine community. Over the years, our government's technology needs have increased dramatically in scope and sophistication, and we have grown to meet that challenge.


For more than 4 decades, we kept a careful eye on where emerging technologies were taking the government, and we developed the resources to master those technologies—by staying close to our customers and anticipating their needs, hiring talented professionals to propel us into the future, and acquiring companies with proven capabilities.


Today, we are a multi-billion-dollar public company that provides the innovation, adaptability, and critical thinking our government needs for success in defense, intelligence, law enforcement, science, administration, health, and other fields—throughout the nation and in many countries throughout the world. We are now applying the lessons learned in the unforgiving arena of national security to help the private sector protect networks and critical information.

Similar jobs