Senior Cyber Security SIEM Specialist with Security Clearance
ManTech International
2024-11-07 16:42:38
Herndon, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Description & Requirements Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International, you'll help protect our national security while working on innovative projects that offer opportunities for advancement. We are seeking a highly skilled and motivated Senior Cyber Security SIEM Specialist to join our Network Operations Security Center (NOSC). The ideal candidate will be an expert in Security Information and Event Management (SIEM) systems, responsible for designing, implementing, and maintaining SIEM solutions to protect DHS's networks and information systems from cyber threats. Responsibilities include, but are not limited to: Develop and implement the enterprise Security Information and Event Monitoring (SIEM) strategy and tool implementation via Splunk, design data flow diagrams and alert feed architectures to ensure seamless alert integration Develop and maintain SIEM architecture, including data sources, log management, and alerting mechanisms Configure tools, settings, alerts, and notifications to improve the enterprise security and resilience capabilities, including implementation of Security Orchestration and Automation for Response (SOAR) capabilities. Develop content for rule implementation on network border devices (firewalls, routers, switches, IDS/IPS, Taclanes, etc.) Monitor security events and alerts, conducting detailed analysis to identify potential security incidents Participates in response activities to all major enterprise outages Collaborate with incident response teams to investigate and remediate security incidents. Perform regular system health checks, maintenance, and upgrades to ensure SIEM performance and reliability Provide technical guidance and support to junior analysts and other team members Stay current with the latest SIEM technologies, cyber threats, and best practices Develop and deliver training sessions on SIEM tools and techniques for DHS staff Basic Qualifications: A bachelor's degree in computer science, information technology, cybersecurity, or a related field A minimum of (8) eight years of experience in cybersecurity with a focus on SIEM engineering and operations Proficiency with SIEM platforms (e.g., Splunk, Swimlane, ArcSight, QRadar, LogRhythm) Strong understanding of network protocols, system logs, and security event correlation Experience in developing and tuning SIEM use cases, correlation rules, and alerts Preferred Qualifications: Relevant certifications, such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH) -OR- SIEM specific certifications (e.g., Splunk Certified Power User) A master's degree Experience working in a government or defense environment. Familiarity with DHS policies and procedures. Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001). Clearance Requirements: Must be a U.S. citizen Must possess a Secret clearance Must to able to obtain and maintain a Top-Secret clearance Physical Requirements: Must be able to remain in a stationary position for extended periods of time. Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations. For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone. ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law. If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at . ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please click and provide your name and contact information.