Today
Top Secret
Unspecified
Unspecified
Engineering - Systems
Huntsville, AL (On-Site/Office)
ManTech seeks a highly skilled and knowledgeable Cyber Data and Applications Lead who is responsible for developing, operating, maintaining, and enhancing a suite of cybersecurity tools deployed across secure enclaves to support incident response, threat detection, and event monitoring, as well as integrating data from centralized and local system sources. This position is located on customer site in Huntsville, AL.
Responsibilities include but are not limited to:
Basic Qualifications:
Preferred Qualifications:
Security Clearance Requirements:
Physical Requirements:
Responsibilities include but are not limited to:
- Design, develop, deliver, and sustain cyber capabilities/applications, algorithms, and automation to optimize workflows and improve data analysis to support a SOC and other cyber groups; responsible for program design, coding, testing, debugging, and documentation.
- Maintain data ingestion configurations to collect and parse log and event data from various sources and various threat intelligence data and feeds into the SIEM.
- Create and optimize queries and rules to detect suspicious activities or patterns in the data in the SIEM platform.
- Develop and maintain playbooks, reports, dashboards, and automated responses for the SIEM; develop reports and dashboards for compliance monitoring and reporting from SIEM data.
- Ensure that cyber tools and infrastructure remain operational, resilient, and adaptable to evolving threats.
- Recommend and utilize the appropriate programming language for each component or workload based upon performance requirements, supportability, integration with existing components, maintainability, and other selection criteria deemed applicable.
- Ensure DevSecOps and CI/CD processes and SOPs for Agile (SAFe, Scrum, Kanban) and DevSecOps methods are documented and maintained.
Basic Qualifications:
- Bachelor's degree, preferably in IT, Cybersecurity, Engineering, Computer Science, Mathematics, or related discipline.
- 7+ years of IT experience.
- 2+ years of experience leading a team using DevSecOps methods to support development and maintaining cyber applications/tools for a SOC or cyber program.
- 3+ years of experience in Linux administration, as well as testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for a cybersecurity/SOC environment.
- 3+ years of experience developing, creating, modifying, and maintaining computer applications, software, or specialized utility programs for cybersecurity
- In-depth experience with design and development of complex server based, client/server, service oriented, micro-service, and/or n-tiered applications in a hybrid environment (on premise and AWS cloud).
Preferred Qualifications:
- Experience integrating third-party components, introducing new custom capabilities, modifying existing code, recommending process improvements, and automating operations and maintenance tasks for applications and tools for a SOC environment.
- 2+ years of experience with Oracle and MS SQL based platforms.
- 2+ years of experience with Python and other scripting languages.
- 2+ years of experience with Splunk.
- Preferred certifications: Red Hat Certified Systems Administrator (RHCSA), AWS Certified Cloud Practitioner, AWS Certified DevOps Engineer Associate
Security Clearance Requirements:
- Must possess active Top Secret security clearance with SCI eligibility
Physical Requirements:
- Must be able to remain in a stationary position 50%
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
- The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
group id: RTX14564a
ManTech Corporate Capabilities
