What are the responsibilities and job description for the Detection Engineer position at ManTech?
Secure our Nation, Ignite your Future
ManTech is looking for a driven candidate who is passionate about the security of our country. This candidate will join the team that protects and defends the largest target in the world, using expertise in host-based IDS, IPS and specialized network defense. This position will utilize the latest cyber tools available, assist in creating new ones, and allow you to advance the nation's information security posture. The Cyber Security Analyst position will be located in McLean working Monday - Friday with core hours. At ManTech, you'll help protect our national security while working on innovative projects that offer opportunities for advancement.
The Cyber Security Analyst responsibilities include, but are not limited to:
· Creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to:
  · Network and host based EDR/NDR, IDS, IPS, firewall, web application firewall
  · SOAR, Proxy, SIEM systems
· Manages and administers the tuning of rules, signatures, and custom content for specialized CND applications and systems
· Identifies potential conflicts with implementation of any CND tools within the enterprise and develops recommendations to remediate these conflicts
· Participates in inter-agency relationships with partner organizations to facilitate mission execution
· Provides logical use case development
· Provides and tracks requirements to engineering partners
· Identifies gaps in visibility or coverage of cyber defense systems
Basic Qualifications:
· Requires Bachelor's degree and 10 years of related experience, or 4 additional years in lieu of degree
· Demonstrated experience with Mitre ATT&CK
· Minimum of 5 years of experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management
· Excellent background with Splunk, Splunk ES, Splunk Processing Language
· Experience analyzing cyber-attacks utilizing various log data sources
· Excellent interpersonal, organizational, writing, communications, and briefing skills
· Demonstrated expertise utilizing SIEM tools for use case development and application
Security Clearance Requirements:
· Current/active TS/SCI with Polygraph
Required Certifications:
DOD 8570 IAT Level I or CSSP-IR
Familiarity with the following classes of enterprise cyber defense technologies:
· Security Information and Event Management (SIEM) systems (Splunk and/or Splunk Enterprise Security)
· SysMon
· Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
· Host Intrusion Detection System/Intrusion Prevention Systems (EDR/IDS/IPS)
· Network and Host malware detection and prevention (EDR/NDR)
· Network and Host forensic applications
· Web/Email gateway security technologies
· SOAR
· Azure
· Experience with Python, Yara, Snort, Sigma, or similar
5.24.IGLB.JD.22
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries, proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation, please email careers@mantech.com and provide your name and contact information.