Cyber Security Detections Engineer, Senior Job at ManTech, Springfield, VA

  • ManTech
  • Springfield, VA

Job Description

ManTech is seeking a motivated, career- and customer-oriented Cyber Security Detections Engineer, Senior to join our team in Springfield, VA.

Responsibilities include, but are not limited to:

  • Support Cyber Operations Squadron (COS) activities to publish up-to-date cybersecurity tool signatures (e.g. anti-virus and host-based security systems)
  • Provide focused analysis, including reverse malware engineering, against intrusions, anomalies, malware, and viruses to identify critical information about source, intended target, affected systems or hosts, recommended mitigation measures, and risk to mission
  • Formulate custom Security Information and Event Management (SIEM) tool content and IDS/IPS signatures to address threats
  • Perform security event and incident correlation using information gathered from a variety of sources within the enterprise
  • Analyze and assess damage to the data / infrastructure as a result of cyber incidents
  • Perform cyber incident trend analysis and reporting.
  • Perform analysis of network traffic and system data to identify anomalous activity and potential threats to resources.
  • Provide detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities
  • Create and deploy threat-based signatures for operational intrusion detection capabilities.
  • Create and implement detection rules from intelligence reporting

Basic Qualifications:

  • Bachelor’s degree or 4+ years of additional experience
  • 5+ years of Cyber Security experience
  • Experience with modern Windows, UNIX, Linux, network operating systems, databases, and/or virtual computing
  • Experience with Splunk
  • Experience performing analysis of network traffic and correlating diverse security logs to make recommendations for signature development
  • Experience with enterprise security tools, including security information and event management (SIEM), threat intelligence platforms (TIPs), or network monitoring tools
  • Experience in creating, modifying, and tuning IDS signatures/SIEM correlation searches and other detection signatures.
  • Knowledge of implementation of countermeasures or mitigating controls
  • Ability to support incident response and forensic operations as required to include static/dynamic malware analysis and reverse engineering
  • DoD 8570 certification meeting IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) or the ability to obtain within six months of hire

Preferred Qualifications:

  • Knowledge of current COTS Cybersecurity technologies.
  • Knowledge of MITRE ATT&CK Framework
  • CNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification

Security Clearance Requirements:

  • Must possess an active TS/SCI w/polygraph.

Physical Requirements:

  • Must be able to remain in a stationary position 75% of the time
  • Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
  • Must be able to view and detect information on a computer screen

Job Tags

Remote job
