What are the responsibilities and job description for the Cybersecurity Engineer with Expertise in Detections position at ManTech?
About Us:
We are ManTech, a leading provider of innovative technologies and solutions for national security programs. We are seeking an experienced Senior Cyber Security Engineer to join our team and contribute to the development of cutting-edge cybersecurity solutions.
Job Description:
The successful candidate will be responsible for developing and implementing cybersecurity solutions to protect our systems and data. Key responsibilities include:
- Developing and maintaining cybersecurity tool signatures to detect and prevent cyber threats.
- Analyzing complex cyber threats to identify potential vulnerabilities and develop mitigation strategies.
- Formulating custom SIEM tool content and IDS/IPS signatures to address emerging threats.
- Correlating security events and incidents using information gathered from various sources within the enterprise.
- Analyzing and assessing damage to data and infrastructure resulting from cyber incidents.
- Conducting trend analysis and reporting on cyber incidents to inform mitigation strategies.
- Characterizing and analyzing network traffic and system data to identify anomalous activity and potential threats to resources.
- Providing detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities.
- Creating and deploying threat-based signatures for operational intrusion detection capabilities.
- Developing and implementing detection rules from intelligence reporting.
Requirements:
- Bachelor's degree, or 4 additional years of related experience in lieu of a degree.
- Minimum 5 years of related experience.
- Experience with modern operating systems, databases, and virtual computing.
- Experience with Splunk.
- DoD 8570 certification meeting IAT Level II (GSEC, Security+, SSCP, or CCNA Security) required.
- Experience performing analysis of network traffic and correlating diverse security logs to inform signature development.
- Knowledge of counter-measure implementation and mitigating controls.
- Ability to support incident response and forensic operations as required, including static/dynamic malware analysis and reverse engineering.
- Experience with enterprise security tools, including SIEM, threat intelligence platforms (TIPs), or network monitoring tools.
- Experience creating, modifying, and tuning IDS signatures, SIEM correlation searches, and other detection signatures.