Secure our Nation, Ignite your Future

　　The core responsibility of the Incident Manager is to oversee Incident Management program, processes, personnel, and procedures within the Cyber Threat Operations Center (CTOC). This person will manage the lifecycle of all cyber security related unplanned interruptions, malfunctions, and quality reductions of provided systems and services. This person will coordinate with internal and external leadership, legal teams, and other relevant stakeholders to resolve incidents. This role may include the need to work outside of core hours on high priority investigations and may also include on-call responsibilities.

　　Responsibilities:

　　Manage incident response and investigative efforts to ensure the CTOC thoroughly and lawfully investigates security, privacy, and workplace incidents affecting the organization 's assets, information, and people.

　　• Define, document, and manage cyber threat Investigations and Incidents within the CTOC

　　• Maintain the Incident Management processes, incident response playbooks, and related workflows as implemented in systems of record

　　• Validate the severity of system outages in accordance with the Classify, Escalate, Notify (CEN) Matrix; manage and adhere to the incident escalation processes

　　• Coordinate with internal and external teams (e.g., Leadership, Legal, Communications, Risk Management, Engineering, Others.) to resolve incidents; ensure communications requirements are published

　　• Manage relationships with external investigators and incident-response entities the organization may have relationships with

　　Qualifications:

　　• Bachelor's degree in Information Technology, Engineering, Computer Science, Operations Management, Risk Management, or a related field OR 2+ years of experience in Incident Management or similar role managing incident and crisis response

　　• 3+ years of experience working in IT Service Management, Cybersecurity management, or a similar role in a Network/Security Operations Center (NOC/SOC) environment

　　• Expert knowledge of desktop security, forensics data capture, chain of custody concepts, open-source intelligence, and investigative methods • Demonstrated ability to effectively communicate facts, findings, and solutions to leadership and external stakeholders at varying levels

　　• Demonstrated knowledge within the cybersecurity domain

　　• Extensive experience with Investigative report writing; strong professional and technical writing skills

　　Preferred Skills:

　　• Knowledge of cybersecurity policies, procedures, and regulations (including DoD)

　　• Knowledge of basic system administration and operating system hardening techniques

　　• Knowledge of Microsoft products and services with focus on Microsoft Cloud • ITIL, Microsoft, CISSP, CISM, CISA, SANS, GCIA, GCIH, OSCP, PCCSE, PCNSE, PCSAE, CCNP Security, CCIE Security and/or Security+ certification

　　• Fundamental understanding of Microsoft Cloud products and services

　　Physical Requirements:

　　Sedentary PositionSecurity Clearance:

　　DOD TS/SCI

　　For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

　　ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

　　If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

　　If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click [email protected] and provide your name and contact information.