Lead Cyber Detection Engineer

Secure our Nation, Ignite your Future

Are you interested in defending the most coveted targets in the world? Is advancing today's technology for tomorrow's threats to national security constantly on your mind? Then Join ManTech and help protect our country against our adversaries while working on innovative projects that offer opportunities for advancement. We encourage our team members to share and grow their skills and expertise while creating robust and cutting-edge solutions.

ManTech is seeking a highly skilled and motivated Cyber Detection Engineer with experience in Splunk content development to lead our team of detection engineers. As a key member of our Cyber Security Incident Response Team, you will be responsible for developing custom threat detections leveraging your expert Splunk skills, familiarity with various cyber technologies, and your familiarity with advanced threat actor tactics, techniques, and procedures. Your leadership and technical skills will play a vital role in safeguarding our organization's critical assets and ensuring the integrity of our information systems.

Responsibilities include, but are not limited to:

• Provide subject matter expertise in the creation, editing, and management of signatures, rules and filters for specialized network defense systems such as Network and host-based IDS, IPS, NDR, EDR, firewall, web application firewalls, Proxy and SIEM systems

• Manage and administer the tuning of rules, signatures, and custom content for specialized CND applications and systems

• Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts

• Manage inter-agency relationships with partner organizations to facilitate mission execution

• Provide innovative and creative solutions to challenging problems

• Provide logical use case development

• Provide and track requirements to engineering partners

• Identify gaps in visibility or coverage of cyber defense systems

• Prepare and brief management and partner organizations on current state/proposed solutions

• Prepare data analytics and reporting

Basic Qualifications:

• 5+ years of experience in Cyber Security, InfoSec, Security Engineering or Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management

• Ability to demonstrate expertise utilizing SIEM tools for use case development and application

• Understanding of the following classes of enterprise cyber defense technologies:

  • Incident Response analysis

  • Security Information and Event Management (SIEM) systems

  • Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

  • Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

  • Security Orchestration Automation and Response (SOAR)

  • Endpoint and Network Detection and Response (EDR/NDR)

  • User Behavior Analytics (UBA)

  • Network and Host malware detection and prevention

  • Network and Host forensic applications

  • Web/Email gateway security technologies

• DOD 8570 IAT Level I or CSSP-IR certification (can be obtained after hire)

Preferred Qualifications:

• Bachelor’s Degree in Electrical Engineering, Computer Engineering, Computer Science, or other closely related Information Technology field of study

• Experience with all or some of the following:

  • Palo Alto Networks

  • McAfee ePO/NSM

  • Carbon Black

  • Tanium

  • Jira

  • Mitre ATT&CK

  • Python

  • Splunk ES

• Ability to leverage interpersonal, organizational, writing, communications, and briefing skills

• Ability to demonstrate strong analytical and problem solving skills

Clearance Requirement:

• Active TS/SCI with Polygraph

Physical Requirements:

• Must be able to remain in a stationary position 50%

• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer

• The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

#LI-MT1

SKN.7.23

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.