Senior Cyber Security Detections Engineer

MANTECH seeks a motivated, career and customer-oriented Senior Cyber Security Detections Engineer to join our team in Chantilly, VA.

This role supports our Cyber Operations mission by providing critical detection and response capabilities. You will be part of an industry-leading organization where employees come first, and you'll help defend national security while working on rewarding projects with room for growth and innovation.

Responsibilities include but are not limited to :

Formulating and publishing custom Security Information and Event Management (SIEM) tool content and IDS / IPS signatures to address threats

Performing security event and incident correlation using information gathered from a variety of sources within the enterprise

Analyzing and assessing damage to the data / infrastructure as a result of cyber incidents

Performing cyber incident trend analysis and reporting

Characterizing and analyzing network traffic and system data to identify anomalous activity and potential threats to resources

Providing detection, identification, and reporting of possible cyber-attacks / intrusions, anomalous activities, and misuse activities

Creating, deploying, and implementing threat-based signatures and detection rules for operational intrusion detection capabilities

Minimum Qualifications :

Bachelor's degree or 4+ years of additional cyber experience in lieu of a degree

5+ years of cyber experience

Experience with modern Windows, UNIX, network operating systems, databases, and virtual computing environments

DoD 8570 certification meeting IAT Level II (e.g., GSEC, Security+, SSCP, or CCNA-Security)

Knowledge of counter-measures or mitigating controls

Experience with enterprise security tools, including SIEMs, Threat Intelligence Platforms (TIPs), or network monitoring tools

Proficiency in creating, modifying, tuning IDS signatures / SIEM correlation searches and other detection signatures

Preferred Qualifications :

Advanced skills in Linux / Unix (command line user—proficient and used in the last 6 months)

Clearance Requirements :

Must have a current / active TS / SCI with Polygraph

Physical Requirements :

Must be able to remain in a stationary position 50% of the time

Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers via email, phone, and / or virtual communication, which may involve delivering presentations