Become an integral part of a diverse team that leads the world in Mission, Cyber, and Intelligence Solutions. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.
As the Cyber Security Engineer you will:
1) Meet with business users to gather requirements and make recommendations for meeting customer requirements within the SIEM.
2) Determine how best to leverage ArcSight ESM (and associated products) to meet the strategic goals by defining “use cases”.
3) Lead the development of the specific content necessary to meet the organization’s security operations goals to include: the formation of content-specific queries, templates, reports, rules, alerts, dashboards, and workflow.
4) Perform installation, configuration, and technical administration of ArcSight product components, to include: ArcSight ESM and Logger; and 5) Integrate data and event feeds with ArcSight SIEM.
As the Cyber Security Engineer you will be working in a highly active environment where multiple tasks are expected to be worked simultaneous; consequently, you must be able to work independently of others and be efficient with your time.
You must possess 2+ years of security engineering experience working in a non-management technical role to integrate COTS products.
You must be familiar with Linux/Unix environments to include both workstation and server functions and must be proficient in Microsoft Windows platforms. Active Directory experience is desired. You must be familiar with security analytical/vulnerability assessments tools.
• Develop modules on ArcSight platforms that address the latest security scenarios, threats, and regulatory compliance issues
• Research and develop content for ArcSight Solution Packages, including correlation rules, dashboards, reports, visualizations, etc.
• Build and implement infrastructure security solutions
• Develop a comprehensive SIEM architecture to support real-time security monitoring operations
• Build and implement SIEM reporting to inform and assist clients' incident response teams and security managers
• Troubleshoot and configure networking devices, various platforms, and database (Oracle) Windows and/or UNIX system administration
• Experience working with remote access systems (SSLVPN appliances, network admission control/end point control services, token based authentication, integration with Active Directory and Windows)
• Design, configure, and manage/administer network infrastructures
• Review and assist in development of requirements and technical specs
• Development of end use content in forms of technical specifications, systems solution architectures and white papers establishing solutions guidelines
• Direct experience in customer engagements, business case analysis, go-to-market messaging and planning, and new product introduction
• Develop security related code modules for use in new and existing applications
• Proactively monitor and report on current Internet threats, as they relate the company's deployed product base
• Utilize compliance and vulnerability assessment tools to analyze products for configuration and patch vulnerabilities
• Implement security event analysis and intrusion detection (Firewalls, VPNs, VLANs, IDS/IPS Incident response - triage, incident analysis, remediation)
• 4+ years of hands-on experience in Network Security, Data Privacy, Risk management, Security Analysis, OR Incident Response
• Experience with one or more of the following Security Information Management products: ArcSight, HP OpenView, Tivoli, CA, BMC, etc.
• Relevant certifications such as CCNP, CCNA, SANS, CISSP, Security+, etc.
• Experienced in large scale network security design, deployment and support
• Hands on experience in installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management (UTM).
• Knowledge of security compliance policy, programs, processes, and metrics
• Knowledge of Cyber Security and Information Protection and Privacy
• Knowledge of Internal audit and corrective action plans for information protection and security
• Knowledge of network engineering concepts
• Experience with leading or mentoring a team of network security practitioners
• Experience with security engineering, including security testing and evaluation, certification and accreditation, or penetration testing
• Strong Networking background combined with Strong Security
• Must possess excellent interpersonal and communication skills
• Possess the ability to be a self driven quick learner with attention to details and quality
Security Requirements: U.S. Citizenship and an active DoD TS/SCI clearance based upon a SSBI completed within the last 5 years. Must be willing to submit to an initial and random polygraph.
Requires Bachelor’s degree or equivalent, and five to seven years of related experience.
Years of Experience
07-09 years w/Bachelors Degree
11-13 years w/High School Diploma
ManTech Int'l Corp. - 2 years ago