Cyber Security Engineer- Detections
221BQ - Cstmr Site,Springfield,VA
Secure our Nation, Ignite your Future
Secure our Nation, Ignite your Future
Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We understand that in order to hold this distinct honor, we must provide our employees with the opportunity to break through barriers. We reinvest in our employees through rich educational opportunities such as 100% paid tuition for qualifying Bachelor’s and Master’s degrees, rich training and certification programs allowing our employees to obtain industry best certifications, a variety of Communities of Practice (COPs) where employees can exchange knowledge and much more, along with a vast array of instruction and resources needed for personal and professional development through our very own ManTech University. In addition to those amazing benefits, ManTech also has a fully dedicated Career Mobility team to provide you with guidance and assistance to continue to grow your career with ManTech.
ManTech is seeking a motivated, career and customer-oriented Cyber Security Engineer- Detections to join our team in Springfield, VA, to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.
Responsibilities include, but are not limited to:
- Support Cyber Operations Squadron (COS) activities to publish up-to-date cybersecurity tool signatures (e.g. anti-virus and host based security systems)
- Provide focused analysis, including reverse malware engineering, against intrusion, anomalies, malware, viruses to identify critical information about source, intended target, affected systems or hosts, recommended mitigation measures and risk to mission
- Formulate custom Security Information and Event Management (SIEM) tool content and IDS/IPS signatures to address threats
- Performs security event and incident correlation using information gathered from a variety of sources within the enterprise
- Analyzes and assesses damage to the data / infrastructure as a result of cyber incidents
- Performs cyber incident trend analysis and reporting.
- Characterizes and performs analysis of network traffic and system data to identify anomalous activity and potential threats to resources.
- Provides detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities
- Create and deploy threat-based signatures for operational intrusion detection capabilities.
- Create and implement detection rules from intelligence reporting
Basic Qualifications:
- Minimum Education: B.S. or equivalent experience in related field
- Minimum/General Experience: 7 years of related experience
- Experience with modern Windows, UNIX, network operating systems, databases, and virtual computing
- DoD 8570 certification meeting IAT Level II ((GSEC, Security+, SSCP, or CCNA-Security)) required
- CNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification required
Demonstrated Technical Experience:
- Experience performing analysis of network traffic and correlating diverse security logs to perform recommendations for signature development
- Knowledge with implementation of counter-measures or mitigating controls.
- Ability to support incident response and forensic operations as required to include static/dynamic malware analysis and reverse engineering
- Experience with enterprise security tools, including Security information and event management (SIEM), Threat intelligence platforms (TIPs), or Network monitoring tools
- Experience in creating, modifying, tuning, IDS signatures/SIEM correlation searches and other detection signatures.
Preferred Qualifications:
- Proficient in Linux operating systems
- Advanced skills in Linux/Unix (command Line user- proficient and used in last 6 months
- Working knowledge of current COTS Cybersecurity technologies
- Familiar with MITRE ATT&CK Framework
Security Clearance Requirements:
- TS/SCI w/Poly
Physical Requirements:
- Must be able to remain in a stationary position 50%
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
- The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CEH Clearance Compliance DoD DoDD 8570 GCIA GCIH GSEC IDS Incident response Intrusion detection IPS Linux Malware MITRE ATT&CK Monitoring Reverse engineering Security Clearance SIEM SSCP Threat intelligence TS/SCI UNIX Windows
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs