ManTech
Cyber Security Engineer, Senior
ManTech, Chantilly, Virginia, United States, 22021
Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career and customer-oriented Cyber Security Engineer, Senior to join our team in the Chantilly, VA or Denver, CO. areas.
Responsibilities include, but are not limited to:
Perform tasks and complete customer requests using the ServiceNow delivery platform.
Resolve incident tickets issued through ServiceNow.
On-board customer’s assets consisting of operating systems, applications and network devices in multiple enclaves.
Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.
Manage the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline.
Assist the Program/Project engineers in testing and implementing future enhancements.
Utilize, evaluate and update all engineer instruction sets and SOPs.
Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.
Troubleshooting new and current data collection issues
Troubleshooting system issues that make the system unstable or unusable.
Deployment and Managing all supported and unsupported Splunk Add-ons that are required for specific data sources
Integrations with other systems via API or other similar methods
Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents
Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.
Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability
Forwarder Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server).
Oversee Knowledge Object Management such as CIM management and tuning
Oversee Enterprise Security configurations and tuning
Experience in the use of network monitoring tools with a strong understanding of network protocols
Ability to perform security analysis, development and implementation of security policies, standards and guidelines
Ability to work collaboratively
Strong Organizational skills are required
Basic Qualifications:
Minimum/General Experience: 4+ years of IT and/or cyber experience.
Minimum Education: B.S. or 4 additional years of experience
Must possess the required DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.
Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.
Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.
Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.
A good understanding of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required.
Preferred Qualifications:
Familiarity with the Certification & Accreditation process is preferable but not required.
Ability to learn and comprehend from provided training in an individual contributor and team capacity.
Splunk Certifications
Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.
Experience with Linux, Red Hat and CentOS.
Cloud environment experience and/or certifications.
Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.
Familiarization with ICS 500-27 for Audit collection requirements
Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and UAM
Ability to clearly articulate ideas for executive – level as well as technical staff consumption
Analytical capability to look for and provide input on process improvements
Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
Security Clearance Requirements:
TS/SCI w/Poly
#GL-SOC
Currently, ManTech is seeking a motivated, career and customer-oriented Cyber Security Engineer, Senior to join our team in the Chantilly, VA or Denver, CO. areas.
Responsibilities include, but are not limited to:
Perform tasks and complete customer requests using the ServiceNow delivery platform.
Resolve incident tickets issued through ServiceNow.
On-board customer’s assets consisting of operating systems, applications and network devices in multiple enclaves.
Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.
Manage the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline.
Assist the Program/Project engineers in testing and implementing future enhancements.
Utilize, evaluate and update all engineer instruction sets and SOPs.
Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.
Troubleshooting new and current data collection issues
Troubleshooting system issues that make the system unstable or unusable.
Deployment and Managing all supported and unsupported Splunk Add-ons that are required for specific data sources
Integrations with other systems via API or other similar methods
Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents
Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.
Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability
Forwarder Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server).
Oversee Knowledge Object Management such as CIM management and tuning
Oversee Enterprise Security configurations and tuning
Experience in the use of network monitoring tools with a strong understanding of network protocols
Ability to perform security analysis, development and implementation of security policies, standards and guidelines
Ability to work collaboratively
Strong Organizational skills are required
Basic Qualifications:
Minimum/General Experience: 4+ years of IT and/or cyber experience.
Minimum Education: B.S. or 4 additional years of experience
Must possess the required DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.
Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.
Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.
Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.
A good understanding of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required.
Preferred Qualifications:
Familiarity with the Certification & Accreditation process is preferable but not required.
Ability to learn and comprehend from provided training in an individual contributor and team capacity.
Splunk Certifications
Experience with Security Information and Event Management (SIEM) platforms, preferable Splunk.
Experience with Linux, Red Hat and CentOS.
Cloud environment experience and/or certifications.
Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.
Familiarization with ICS 500-27 for Audit collection requirements
Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and UAM
Ability to clearly articulate ideas for executive – level as well as technical staff consumption
Analytical capability to look for and provide input on process improvements
Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
Security Clearance Requirements:
TS/SCI w/Poly
#GL-SOC