Job Description

Principal Cyber Security Engineer at ManTech summary:

The Principal Cyber Security Engineer designs, deploys, and maintains secure and scalable cybersecurity systems to support mission-critical data collection and analysis. They troubleshoot system issues, manage Splunk deployments, enforce strict access control, and ensure compliance with cybersecurity standards and DoD policies. This role requires extensive cybersecurity experience, Splunk expertise, and active TS/SCI clearance to support secure operations in cloud and on-premises environments.

Mantech seeks a motivated and experienced Principal Cyber Security Engineer to join our team in Denver, CO . This role supports mission-critical cybersecurity efforts by engineering and maintaining secure, scalable systems for data collection and analysis. You will work with a collaborative team to resolve complex system issues, document engineering solutions, and ensure compliance with cybersecurity standards.

Responsibilities include but are not limited to:

• Troubleshooting new and current data collection issues
• Diagnosing and resolving system issues that affect system stability or usability
• Deploying and managing supported and unsupported Splunk Add-ons required for specific data sources
• Creating and maintaining documentation including Body of Evidence (BOE) documents, engineering artifacts, change management records, system security plans, and accreditation packages
• Delivering detailed Splunk deployment documentation outlining specifications, deployment methods, and architectural considerations for production environments
• Implementing and maintaining strict role-based access control (RBAC) around collected data to enforce need-to-know access
• Designing and deploying Splunk forwarders using centralized configuration management through the Splunk Deployment Server

Minimum Qualifications:

• Bachelor’s degree or 4+ additional years of cyber experience in lieu of a degree
• 7+ years of experience in a cybersecurity role
• Hands-on experience with Security Information and Event Management (SIEM) platforms, particularly Splunk
• Proficiency with Linux systems administration, operating system security best practices, TCP/IP networking, and network security fundamentals
• Familiarity with Certification & Accreditation (C&A) processes
• Knowledge of Department of Defense (DoD) policy and technical security guidance applicable to information systems
• DoD Directive 8570.1 IAT Level II or higher certification, or ability to obtain within 6 months
• Splunk Certification is required

Preferred Qualifications:

• Experience with Linux distributions such as Red Hat and CentOS
• Background working in cloud environments like AWS
• Knowledge of ICS 500-27 audit collection requirements
• Familiarity with Enterprise Security Services, Host-Based Security Services, Enterprise Vulnerability Scanning, and User Activity Monitoring (UAM)
• Ability to configure feed creation processes for customer log ingestion in compliance with policy requirements

Clearance Requirements:

• Must have a current/active TS/SCI with Polygraph

Physical Requirements:

• The person in this position must be able to remain in a stationary position 50% of the time. Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and/or virtual communication, which may involve delivering presentations.

Keywords:

cybersecurity, Splunk, SIEM, Linux administration, network security, DoD compliance, role-based access control, security engineering, cloud security, threat detection

Job Tags

Similar Jobs