This job is closed


ManTech - Denver, CO

posted 2 months ago

Full-time - Senior
Remote - Denver, CO
Professional, Scientific, and Technical Services

About the position

ManTech is seeking a motivated and customer-oriented Senior Cyber Security Engineer specializing in detections to join our team in Denver, CO. This role involves providing critical support to Cyber Operations Squadron activities, focusing on cybersecurity tool signatures, malware analysis, and incident response. The engineer will be responsible for formulating custom SIEM tool content, analyzing network traffic, and creating detection rules to enhance operational security.

Responsibilities

  • Support Cyber Operations Squadron activities to publish up-to-date cybersecurity tool signatures.
  • Provide focused analysis, including malware reverse engineering, of intrusions, anomalies, malware, and viruses.
  • Formulate custom Security Information and Event Management (SIEM) tool content and IDS/IPS signatures to address threats.
  • Perform security event and incident correlation using information gathered from various sources within the enterprise.
  • Analyze and assess damage to data/infrastructure as a result of cyber incidents.
  • Perform cyber incident trend analysis and reporting.
  • Characterize and analyze network traffic and system data to identify anomalous activity and potential threats.
  • Provide detection, identification, and reporting of possible cyber-attacks/intrusions and misuse activities.
  • Create and deploy threat-based signatures for operational intrusion detection capabilities.
  • Create and implement detection rules from intelligence reporting.

Requirements

  • Minimum of 5+ years of related experience.
  • B.S. degree or 4+ additional years of technical experience.
  • Experience with modern Windows, UNIX, Linux, network operating systems, databases, and virtual computing.
  • Experience with Splunk.
  • DoD 8570 certification meeting IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) required.
  • CNDSP-A (GCIA, GCIH, or CEH) or CNDSP-IR (GCIH, CSIH, or CEH) certification required.
  • Experience performing analysis of network traffic and correlating diverse security logs for signature development.
  • Knowledge of implementing countermeasures or mitigating controls.
  • Ability to support incident response and forensic operations, including malware analysis and reverse engineering.
  • Experience with enterprise security tools, including SIEM, threat intelligence platforms, or network monitoring tools.

Nice-to-haves

  • Proficient in Linux operating systems.
  • Advanced skills in Linux/Unix (command line user - proficient and used in last 6 months).
  • Working knowledge of current COTS cybersecurity technologies.
  • Familiarity with the MITRE ATT&CK framework.

Benefits

  • Health Insurance
  • Life Insurance
  • Paid Time Off
  • Holiday Pay
  • Short Term and Long Term Disability
  • Retirement and Savings
  • Learning and Development opportunities
  • Wellness programs
  • Other optional benefit elections