Job Description

Principal Cyber Security Engineer at ManTech summary:

The Principal Cyber Security Engineer at Mantech is responsible for designing, deploying, and maintaining secure and scalable cybersecurity solutions, primarily using Splunk SIEM platforms to support mission-critical data collection and analysis. The role involves troubleshooting system issues, implementing access controls, and ensuring compliance with DoD cybersecurity standards and certification requirements. This position requires extensive experience with Linux administration, network security, and security documentation in a highly secure environment requiring TS/SCI clearance.

Mantech seeks a motivated and experienced Principal Cyber Security Engineer to join our team in Denver, CO . This role supports mission-critical cybersecurity efforts by engineering and maintaining secure, scalable systems for data collection and analysis. You will work with a collaborative team to resolve complex system issues, document engineering solutions, and ensure compliance with cybersecurity standards.

Responsibilities include but are not limited to:

• Troubleshooting new and current data collection issues
• Diagnosing and resolving system issues that affect system stability or usability
• Deploying and managing supported and unsupported Splunk Add-ons required for specific data sources
• Creating and maintaining documentation including Body of Evidence (BOE) documents, engineering artifacts, change management records, system security plans, and accreditation packages
• Delivering detailed Splunk deployment documentation outlining specifications, deployment methods, and architectural considerations for production environments
• Implementing and maintaining strict role-based access control (RBAC) around collected data to enforce need-to-know access
• Designing and deploying Splunk forwarders using centralized configuration management through the Splunk Deployment Server

Minimum Qualifications:

• Bachelor’s degree or 4+ additional years of cyber experience in lieu of a degree
• 7+ years of experience in a cybersecurity role
• Hands-on experience with Security Information and Event Management (SIEM) platforms, particularly Splunk
• Proficiency with Linux systems administration, operating system security best practices, TCP/IP networking, and network security fundamentals
• Familiarity with Certification & Accreditation (C&A) processes
• Knowledge of Department of Defense (DoD) policy and technical security guidance applicable to information systems
• DoD Directive 8570.1 IAT Level II or higher certification, or ability to obtain within 6 months
• Splunk Certification is required

Preferred Qualifications:

• Experience with Linux distributions such as Red Hat and CentOS
• Background working in cloud environments like AWS
• Knowledge of ICS 500-27 audit collection requirements
• Familiarity with Enterprise Security Services, Host-Based Security Services, Enterprise Vulnerability Scanning, and User Activity Monitoring (UAM)
• Ability to configure feed creation processes for customer log ingestion in compliance with policy requirements

Clearance Requirements:

• Must have a current/active TS/SCI with Polygraph

Physical Requirements:

• The person in this position must be able to remain in a stationary position 50% of the time. Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and/or virtual communication, which may involve delivering presentations.

Keywords:

Cyber Security, Splunk SIEM, Data Security, System Troubleshooting, Role-Based Access Control, Linux Administration, Network Security, DoD Compliance, TS/SCI Clearance, Cloud Security

Job Tags

Similar Jobs