Job Description

Mantech seeks a motivated and experienced Principal Cyber Security Engineer to join our team in Denver, CO . This role supports mission-critical cybersecurity efforts by engineering and maintaining secure, scalable systems for data collection and analysis. You will work with a collaborative team to resolve complex system issues, document engineering solutions, and ensure compliance with cybersecurity standards.

Responsibilities include but are not limited to:

• Troubleshooting new and current data collection issues
• Diagnosing and resolving system issues that affect system stability or usability
• Deploying and managing supported and unsupported Splunk Add-ons required for specific data sources
• Creating and maintaining documentation including Body of Evidence (BOE) documents, engineering artifacts, change management records, system security plans, and accreditation packages
• Delivering detailed Splunk deployment documentation outlining specifications, deployment methods, and architectural considerations for production environments
• Implementing and maintaining strict role-based access control (RBAC) around collected data to enforce need-to-know access
• Designing and deploying Splunk forwarders using centralized configuration management through the Splunk Deployment Server

Minimum Qualifications:

• Bachelor’s degree or 4+ additional years of cyber experience in lieu of a degree
• 7+ years of experience in a cybersecurity role
• Hands-on experience with Security Information and Event Management (SIEM) platforms, particularly Splunk
• Proficiency with Linux systems administration, operating system security best practices, TCP/IP networking, and network security fundamentals
• Familiarity with Certification & Accreditation (C&A) processes
• Knowledge of Department of Defense (DoD) policy and technical security guidance applicable to information systems
• DoD Directive 8570.1 IAT Level II or higher certification, or ability to obtain within 6 months
• Splunk Certification is required

Preferred Qualifications:

• Experience with Linux distributions such as Red Hat and CentOS
• Background working in cloud environments like AWS
• Knowledge of ICS 500-27 audit collection requirements
• Familiarity with Enterprise Security Services, Host-Based Security Services, Enterprise Vulnerability Scanning, and User Activity Monitoring (UAM)
• Ability to configure feed creation processes for customer log ingestion in compliance with policy requirements

Clearance Requirements:

• Must have a current/active TS/SCI with Polygraph

Physical Requirements:

• The person in this position must be able to remain in a stationary position 50% of the time. Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and/or virtual communication, which may involve delivering presentations.

Job Tags

Similar Jobs