Mantech

ManTech is seeking a motivated, career and customer-oriented Cyber Security Engineer, O&M Sensors to join our team in Aurora CO, to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech. 

Responsibilities include, but are not limited to:

• Maintains an infrastructure of over several hundred virtualized intrusion detection and network traffic analysis sensors located in multiple locations
• Initiates and oversees the creation, deployment and tuning of thousands of Snort and custom IPS/IDS signatures
• Remotely manages Red Hat Enterprise Linux (RHEL) servers via UNIX shell, VMWare ESXi, and HP Integrated Lights-Out (iLO) and HP Onboard Administrators (OA)
• Makes recommendations to improve overall security posture to senior management
• Creates and customizes ArcSight connectors to maintain the collection and redirection of syslog, HBSS, scanning and other appliance logs from enterprise networks to central manager
• Troubleshoots physically cabled network connections, network routing protocols, media converters, hardware, and various vendor specific tools
• Creates Linux BASH scripts to automate administrative tasks
• Remotely manages Red Hat Enterprise Linux (RHEL) servers via UNIX shell, VMWare ESXi, and HP Integrated Lights-Out (iLO) and HP Onboard Administrators (OA)

Basic Qualifications:

• Education: B.S. or 4+ years experience in related field
• 5+ years of related experience
• 3+ years of experience with modern Windows, UNIX, Linux, network operating systems, databases, and virtual computing
• 2+ years of experience with Splunk
• 2+ years of experience performing analysis of network traffic and correlating diverse security logs to perform recommendations for signature development
• Knowledge with implementation of counter-measures or mitigating controls.
• Ability to support incident response and forensic operations as required to include static/dynamic malware analysis and reverse engineering
• Experience with enterprise security tools, including Security information and event management (SIEM), Threat intelligence platforms (TIPs), or Network monitoring tools
• Experience in creating, modifying, tuning, IDS signatures/SIEM correlation searches and other detection signatures.
• DoD 8570 certification meeting IAT Level II ((GSEC, Security+, SSCP, or CCNA-Security)) required
• CNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification required

Desired Experience:

• Advanced skills in below work areas/tasks: Linux/Unix (command line user - proficient and used in last 6 months) --Knowledge of Sensors (IDS - intrusion detection solution/Arcsight)
• Performs in-depth analysis techniques to uncover new or potential incidents.
• Knowledge with implementation of counter-measures or mitigating controls.
• Understanding of latest security principles, techniques, and protocols.
• Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
• Excellent verbal and written communication skills are required.·
• Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.
• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

Security Requirement:

• Must possess an active TS/SCI w/ Polygraph