Posted today
Top Secret/SCI
IT - Security
Chantilly, VA (On-Site/Office)
MANTECH is seeking a motivated, career- and customer-oriented Cyber Security Engineer to join our team in Chantilly, VA. The ideal candidate will support a high-tempo government customer by delivering cybersecurity engineering, system administration, and SIEM support across multiple operational environments.
Responsibilities
- Perform customer-requested tasks and resolve incident tickets using the ServiceNow service delivery platform.
- Onboard, configure, and administer customer assets, including operating systems, applications, and network devices, across multiple security enclaves.
- Provide Linux and Windows systems administration support for both operational and audit environments.
- Participate in beta testing, evaluation, integration, and deployment of Audit Enterprise and SIEM system enhancements.
- Maintain, evaluate, and update engineering instruction sets, standard operating procedures (SOPs), and operational documentation.
- Verify and validate system operations, including audit event processing, metrics generation, and required audit coverage.
- Develop, maintain, and support SIEM capabilities, including search queries, data collection, flex connectors, regex parsing, and customer data validation.
- Operate effectively in a fast-paced, mission-focused government environment.
Minimum Qualifications
- Bachelor's degree, or an additional 4+ years of relevant IT experience in lieu of a degree.
- 2+ years of cybersecurity and/or IT experience.
- DoD Directive 8570.01-M IAT Level II (or higher) certification, or the ability to obtain it within six (6) months of hire.
- Experience supporting cybersecurity engineering activities across Linux- and Windows-based systems.
- Ability to apply cybersecurity policies, standards, and technical security guidance to information systems.
- Hands-on experience with system hardening, vulnerability management, and security configuration baselines.
- Working knowledge of TCP/IP networking, network security concepts, and secure system architectures.
Preferred Qualifications
- Experience with Security Information and Event Management (SIEM) platforms, preferably NetWitness and/or ArcSight, including log ingestion and feed creation to meet policy requirements.
- Experience administering Linux and Windows environments, including Red Hat, CentOS, Windows Server, and workstation systems.
- Experience developing custom parsers to normalize customer logs and ingest unique metadata into standardized log formats.
- Familiarity with cloud environments and certifications, current commercial off-the-shelf (COTS) cybersecurity technologies, and enterprise security services such as Host Based Security System (HBSS), Enterprise Vulnerability Scanning Service (EVSS), and Enterprise Audit.
Clearance Requirements
- Must possess a current and active TS/SCI with Polygraph.
Physical Requirements
- The person in this position must be able to remain in a stationary position up to 50% of the time.
- Occasionally moves about the office to access file cabinets and office machinery, or to communicate with coworkers, management, and customers via email, phone, and virtual communications, which may include delivering presentations.