Today
Dept of Homeland Security
Unspecified
Unspecified
IT - Security
Herndon, VA (On-Site/Office)
ManTech seeks a motivated, career and customer-oriented Senior Cyber Security SIEM Specialist to join our team in the DC, Maryland, and Virginia (Northern) DMV area .
In this role you will be an expert in Security Information and Event Management (SIEM) systems, responsible for designing, implementing, and maintaining SIEM solutions to protect DHS's networks and information systems from cyber threats.
Responsibilities include, but are not limited to:
Minimum Qualifications:
Preferred Qualifications:
Clearance Requirements:
Physical Requirements:
In this role you will be an expert in Security Information and Event Management (SIEM) systems, responsible for designing, implementing, and maintaining SIEM solutions to protect DHS's networks and information systems from cyber threats.
Responsibilities include, but are not limited to:
- Develop and implement the enterprise Security Information and Event Monitoring (SIEM) strategy and tool implementation via Splunk, design data flow diagrams and alert feed architectures to ensure seamless alert integration
- Develop and maintain SIEM architecture, including data sources, log management, and alerting mechanisms
- Configure tools, settings, alerts, and notifications to improve the enterprise security and resilience capabilities, including implementation of Security Orchestration and Automation for Response (SOAR) capabilities.
- Develop content for rule implementation on network border devices (firewalls, routers, switches, IDS/IPS, Taclanes, etc.)
- Monitor security events and alerts, conducting detailed analysis to identify potential security incidents
- Participates in response activities to all major enterprise outages. Provide technical guidance and support to junior analysts and other team members.Stay current with the latest SIEM technologies, cyber threats, and best practices
- Collaborate with incident response teams to investigate and remediate security incidents.
Minimum Qualifications:
- 8+ years of experience in cybersecurity with a focus on SIEM engineering and operations
- A bachelor's degree in computer science, information technology, cybersecurity, or a related field
- Proficiency with SIEM platforms (e.g., Splunk, Swimlane, ArcSight, QRadar, LogRhythm)
- Strong understanding of network protocols, system logs, and security event correlation
- Experience in developing and tuning SIEM use cases, correlation rules, and alerts
Preferred Qualifications:
- Relevant certifications, such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH) -OR- SIEM specific certifications (e.g., Splunk Certified Power User)
- A master's degree
- Experience working in a government or defense environment (specifically DHS policies and procedures).
- Knowledge of broader cybersecurity frameworks (e.g., NIST, ISO 27001)
Clearance Requirements:
- Must have a current/active Secret clearance with the ability to obtain and maintain a TS/SCI .
- The ability to obtain and maintain a DHS EOD suitability is required prior to starting this position.
Physical Requirements:
- Must be able to remain in a stationary position for extended periods of time.
- Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
- The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
group id: RTX14564a
ManTech Corporate Capabilities
