Senior Cyber Security Detections Engineer

MANTECH seeks a motivated, career and customer-oriented Senior Cyber Security Detections Engineer to join our team in Springfield, VA.

This role supports our Cyber Operations mission by providing critical detection and response capabilities. You will be part of an industry-leading organization where employees come first, and you'll help defend national security while working on rewarding projects with room for growth and innovation.

Responsibilities include but are not limited to:

• Formulating and publishing custom Security Information and Event Management (SIEM) tool content and IDS/IPS signatures to address threats
• Performing security event and incident correlation using information gathered from a variety of sources within the enterprise
• Analyzing and assessing damage to the data/infrastructure as a result of cyber incidents
• Performing cyber incident trend analysis and reporting
• Characterizing and analyzing network traffic and system data to identify anomalous activity and potential threats to resources
• Providing detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities
• Creating, deploying, and implementing threat-based signatures and detection rules for operational intrusion detection capabilities

Minimum Qualifications:

• Bachelor's degree or 4+ years of additional cyber experience in lieu of a degree
• 5+ years of related cyber experience
• Experience with modern Windows, UNIX, network operating systems, databases, and virtual computing environments
• DoD 8570 certification meeting IAT Level II (e.g., GSEC, Security+, SSCP, or CCNA-Security)
• Knowledge of counter-measures or mitigating controls
• Experience with enterprise security tools, including SIEMs, Threat Intelligence Platforms (TIPs), or network monitoring tools
• Proficiency in creating, modifying, tuning IDS signatures/SIEM correlation searches and other detection signatures

Preferred Qualifications:

• Advanced skills in Linux/Unix (command line user-proficient and used in the last 6 months)

Clearance Requirements:

• Must have a current/active TS/SCI with Polygraph

Physical Requirements:

• Must be able to remain in a stationary position 50% of the time
• Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers via email, phone, and/or virtual communication, which may involve delivering presentations