Mantech

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first.  At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career and customer-oriented Cyber Security Engineer, Senior  to join our team in the Chantilly, VA or Denver, CO. areas.

Responsibilities include, but are not limited to:

• Perform tasks and complete customer requests using the ServiceNow delivery platform.

• Resolve incident tickets issued through ServiceNow.

• On-board customer’s assets consisting of operating systems, applications and network devices in multiple enclaves.

• Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.

• Manage the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline. 

• Assist the Program/Project engineers in testing and implementing future enhancements.

• Utilize, evaluate and update all engineer instruction sets and SOPs.

• Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.

• Troubleshooting new and current data collection issues

• Troubleshooting system issues that make the system unstable or unusable.

• Deployment and Managing all supported and unsupported Splunk Add-ons that are required for specific data sources

• Integrations with other systems via API or other similar methods

• Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents

• Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.

• Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability

• Forwarder Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server).

• Oversee Knowledge Object Management such as CIM management and tuning

• Oversee Enterprise Security configurations and tuning

• Experience in the use of network monitoring tools with a strong understanding of network protocols

• Ability to perform security analysis, development and implementation of security policies, standards and guidelines

• Ability to work collaboratively

• Strong Organizational skills are required

Basic Qualifications:

• Minimum/General Experience: 4+ years of IT and/or cyber experience.

• Minimum Education: B.S. or 4 additional years of experience

• Must possess the required DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.

• Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.

• Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.

• Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.

• A good understanding of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required. 

Preferred Qualifications:

• Familiarity with the Certification & Accreditation process is preferable but not required.

• Ability to learn and comprehend from provided training in an individual contributor and team capacity.

• Splunk Certifications

• Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.

• Experience with Linux, Red Hat and CentOS.

• Cloud environment experience and/or certifications.

• Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.

• Familiarization with ICS 500-27 for Audit collection requirements

• Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and UAM

• Ability to clearly articulate ideas for executive – level as well as technical staff consumption

• Analytical capability to look for and provide input on process improvements

• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

Security Clearance Requirements:

• TS/SCI w/Poly

#GL-SOC