ManTech
Cyber Security Detections Engineer, Senior
ManTech, Denver, Colorado, United States, 80285
Cyber Security Detections Engineer, Senior
ManTech is seeking a motivated, career and customer-oriented
Cyber Security Engineer, Detections
to join our team in
Denver, CO area , to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.Responsibilities include, but are not limited to:Support Cyber Operations Squadron (COS) activities to publish up-to-date cybersecurity tool signatures (e.g. anti-virus and host based security systems)Provide focused analysis, including reverse malware engineering, against intrusion, anomalies, malware, viruses to identify critical information about source, intended target, affected systems or hosts, recommended mitigation measures and risk to missionFormulate custom Security Information and Event Management (SIEM) tool content and IDS/IPS signatures to address threatsPerform security event and incident correlation using information gathered from a variety of sources within the enterpriseAnalyze and assess damage to the data/infrastructure as a result of cyber incidentsPerform cyber incident trend analysis and reporting.Characterize and perform analysis of network traffic and system data to identify anomalous activity and potential threats to resources.Provide detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activitiesCreate and deploy threat-based signatures for operational intrusion detection capabilities.Create and implement detection rules from intelligence reportingBasic Qualifications:Minimum Education: B.S. or equivalent experience in related fieldMinimum/General Experience: 5 years of related experienceExperience with modern Windows, UNIX, Linux, network operating systems, databases, and virtual computingExperience with SplunkDoD 8570 certification meeting IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) requiredCNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification requiredExperience performing analysis of network traffic and correlating diverse security logs to perform recommendations for signature developmentKnowledge with implementation of counter-measures or mitigating controls.Ability to support incident response and forensic operations as required to include static/dynamic malware analysis and reverse engineeringExperience with enterprise security tools, including Security information and event management (SIEM), Threat intelligence platforms (TIPs), or Network monitoring toolsExperience in creating, modifying, tuning, IDS signatures/SIEM correlation searches and other detection signatures.Preferred Qualifications:Proficient in Linux operating systemsAdvanced skills in Linux/Unix (command line user - proficient and used in last 6 months)Working knowledge of current COTS Cybersecurity technologies.Familiar with MITRE ATT&CK FrameworkSecurity Clearance Requirements:TS/SCI w/PolyPhysical Requirements:Must be able to remain in a stationary position 50%Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printerSecure our Nation, Ignite your Future
#J-18808-Ljbffr
ManTech is seeking a motivated, career and customer-oriented
Cyber Security Engineer, Detections
to join our team in
Denver, CO area , to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.Responsibilities include, but are not limited to:Support Cyber Operations Squadron (COS) activities to publish up-to-date cybersecurity tool signatures (e.g. anti-virus and host based security systems)Provide focused analysis, including reverse malware engineering, against intrusion, anomalies, malware, viruses to identify critical information about source, intended target, affected systems or hosts, recommended mitigation measures and risk to missionFormulate custom Security Information and Event Management (SIEM) tool content and IDS/IPS signatures to address threatsPerform security event and incident correlation using information gathered from a variety of sources within the enterpriseAnalyze and assess damage to the data/infrastructure as a result of cyber incidentsPerform cyber incident trend analysis and reporting.Characterize and perform analysis of network traffic and system data to identify anomalous activity and potential threats to resources.Provide detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activitiesCreate and deploy threat-based signatures for operational intrusion detection capabilities.Create and implement detection rules from intelligence reportingBasic Qualifications:Minimum Education: B.S. or equivalent experience in related fieldMinimum/General Experience: 5 years of related experienceExperience with modern Windows, UNIX, Linux, network operating systems, databases, and virtual computingExperience with SplunkDoD 8570 certification meeting IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) requiredCNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification requiredExperience performing analysis of network traffic and correlating diverse security logs to perform recommendations for signature developmentKnowledge with implementation of counter-measures or mitigating controls.Ability to support incident response and forensic operations as required to include static/dynamic malware analysis and reverse engineeringExperience with enterprise security tools, including Security information and event management (SIEM), Threat intelligence platforms (TIPs), or Network monitoring toolsExperience in creating, modifying, tuning, IDS signatures/SIEM correlation searches and other detection signatures.Preferred Qualifications:Proficient in Linux operating systemsAdvanced skills in Linux/Unix (command line user - proficient and used in last 6 months)Working knowledge of current COTS Cybersecurity technologies.Familiar with MITRE ATT&CK FrameworkSecurity Clearance Requirements:TS/SCI w/PolyPhysical Requirements:Must be able to remain in a stationary position 50%Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printerSecure our Nation, Ignite your Future
#J-18808-Ljbffr