Senior Principal Cyber Security Engineer

Full Time Denver CO ManTech

ManTech seeks a motivated, career and customer-oriented Senior Principal Cyber Security Engineer to join our team in the Denver, CO.

Responsibilities include but are not limited to:

  • Troubleshoot new and current data collection issues

  • Troubleshoot system issues that make the system unstable or unusable.

  • Deploy and manage all supported and unsupported Splunk Add-ons that are required for specific data sources

  • Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents

  • Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.

  • Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability

  • Forward Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server).

Minimum Qualifications

  • Bachelor’s degree or 4+ additional years of cyber experience in lieu of degree

  • 10+ years of experience in a cyber role

  • Experience with Security Information and Event Management (SIEM) platforms, and/or Splunk

  • Knowledge of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts

  • Knowledge of Certification & Accreditation processes

  • Knowledge of DoD policy and technical security guidance to information systems

  • DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.

  • Splunk Certification is required

Preferred Qualifications:

  • Experience with Linux, Red Hat and CentOS

  • Experience with AWS or other cloud environments

  • Knowledge of ICS 500-27 for Audit collection requirements

  • Knowledge of Enterprise Security Services, Host Base Security Service, Enterprise Vulnerability Scanning Service, and UAM

  • Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.

Security Clearance Requirements:

  • Must have a current/active TS/SCI w/Polygraph

Physical Requirements:

  • The person in this position must be able to remain in a stationary position 50% of the time. Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and or virtual communication, which may involve delivering presentations.

To apply for this job please visit itjobpro.com.