Senior Cyber Security Engineer

MANTECH seeks a motivated, career and customer-oriented Senior Cyber Security Engineer to join our team in Chantilly, VA. In this role, you will support mission-critical cybersecurity operations by designing, deploying, and maintaining secure, resilient data collection and monitoring solutions that enable informed decision-making across the enterprise. Responsibilities include but are not limited to:Troubleshoot new and existing data collection issues to ensure accurate and reliable ingestion of security-relevant data.Diagnose and resolve system issues that impact stability, performance, or usability.Deploy, manage, and maintain supported and unsupported Splunk Add-ons required for specific data sources.Develop and maintain documentation, including Body of Evidence (BOE) artifacts, engineering documentation, change management records, system security plans, and accreditation materials, as required.Deliver a comprehensive Splunk deployment document detailing specifications, deployment methods, and architectural considerations for production environments.Implement and maintain strict role-based access control to ensure data is accessible on a validated need-to-know basis.Design and deploy Splunk forwarders using centralized configuration management through the Splunk Deployment Server to support rapid and consistent deployments. Minimum Qualifications:Bachelor’s degree, or 4+ additional years of cyber engineering experience in lieu of a degree.5+ years of experience in a cybersecurity engineering role.Experience with deploying Security Information and Event Management (SIEM) platforms and/or Splunk in a large enterprise environment.Experience with deploying or managing AWS, Microsoft Azure, or other cloud environments.Experience with scripting languages such as Python or PowershellKnowledge of Linux systems administration, general operating system security practices, TCP/IP networking, and network security concepts.Knowledge of Certification and Accreditation (C&A) processes.Knowledge of DoD policy and technical security guidance for information systems.DoD Directive 8570.1 IAT Level II or higher certification, or the ability to obtain within six (6) months. Preferred Qualifications:Experience with Linux distributions, including Red Hat and CentOS.Experience with AWS or other cloud environments.Knowledge of ICS 500-27 audit collection requirements.Familiarity with Enterprise Security Services, Host Based Security Services, Enterprise Vulnerability Scanning Services, and User Activity Monitoring (UAM).Ability to modify feed creation to ingest customer logs in standardized formats to meet policy and compliance requirements.Splunk Architect certification or higherExperience with Cribl Clearance Requirements:An active TS/SCI with Polygraph is required. Physical Requirements:Must be able to remain in a stationary position 50% of the time.Occasionally moves about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers via email, phone, or virtual communication, which may involve delivering presentations.