Cyber Engineer

MANTECH seeks a skilled and innovative Cyber Engineer to support our cybersecurity operations in McLean, VA.

In this role, you will leverage your technical expertise to create, refine, and manage detection logic and signatures across a suite of enterprise cyber defense platforms. Your work will directly contribute to safeguarding mission-critical systems by developing actionable content and solutions for advanced threat detection and mitigation. You will play a pivotal role in tuning and enhancing detection capabilities to proactively address evolving threats.

Responsibilities include but are not limited to:

• Providing subject matter expertise in the creation, editing, and management of signatures, rules, and filters for specialized network defense systems including network and host-based IDS, IPS, NDR, EDR, firewall, web application firewalls, and proxy
• Managing and administering the tuning of rules, signatures, and custom content within platforms such as Splunk Enterprise Security
• Identifying potential conflicts with implementation of CND tools and developing recommendations to remediate these conflicts
• Supporting inter-agency collaboration by managing relationships with partner organizations to facilitate mission execution
• Innovating creative solutions to address technical challenges and gaps
• Developing logical use cases and tracking requirements to engineering teams
• Identifying and addressing visibility or coverage gaps in cyber defense systems
• Preparing and briefing leadership and partners on detection system status and proposed enhancements
• Performing data analytics and reporting to inform decisions and strategies

Minimum Qualifications

• 5+ years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, or Network Engineering with emphasis on cyber operations, incident response, or systems architecture
• Demonstrated expertise utilizing SIEM tools (e.g., Splunk) for detection use case development
• Excellent interpersonal, organizational, writing, and briefing skills
• Experience with enterprise cyber defense technologies, including:
  • Incident response analysis
  • Splunk Enterprise Security
  • Network/Host IDS/IPS
  • Security Orchestration Automation and Response (SOAR)
  • Endpoint and Network Detection and Response (EDR/NDR)
  • User Behavior Analytics (UBA)
  • Malware detection/prevention
  • Network and host forensic applications
  • Web and email gateway security technologies

Preferred Qualifications

• Strong analytical, problem solving, and communication skills
• BS degree in electrical engineering, computer engineering, computer science, or closely related IT discipline
• Excellent interpersonal, organizational, writing, and briefing skills

Clearance Requirements

• An active/current TS/SCI with Polygraph clearance is required to be considered for this position.

Physical Requirements

• Must be able to remain in a stationary position 50% of the time.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.