ManTech is seeking a motivated, career- and customer-oriented Cyber Security Engineer, Principal serving as a Splunk Engineer to join our team in Chantilly, VA.
Responsibilities include, but are not limited to:
- Responsible for day-to-day operation of a large Splunk environment.
- Troubleshooting new and current data collection issues
- Troubleshooting system issues that make the system unstable or unusable.
- Deploying and managing all supported and unsupported Splunk Add-ons that are required for specific data sources
- Responsible for Splunk Upgrades to all Splunk Enterprise servers
- Integrations with other systems via API or other similar methods
- Provide documentation such as body of evidence documents (as needed), engineering documents, change management documents, system security plans, and accreditation documents
- Deliver a comprehensive Splunk deployment document to detail the specifications, deployment methods, and other architectural considerations to the production environment.
- Maintain a strict role-based access control solution around the data collected, to provide a need-to-know ability
- Forwarder Configurations and Deployments: Design and deploy forwarders rapidly with centralized configuration management (Splunk Deployment Server).
- Oversee Knowledge Object Management such as CIM management and tuning
- Oversee Enterprise Security configurations and tuning
Basic Qualifications:
- Bachelor’s degree or 4+ additional years of experience in lieu of degree
- 7+ years of cyber experience
- 5+ years working in an Enterprise environment as a cyber engineer, system administrator or other security personnel
- 3+ years of experience with Splunk Enterprise Security
- Experience with Unix and Windows operating systems
- Experience with network monitoring tools
- Knowledge of network protocols
- DoD 8570 IAT Level II certification or the ability to obtain within six months of hire
Preferred Qualifications:
- 5+ years of experience with scripting languages (bash), application development (Java, Perl, Python, .NET), databases and analytical tools
- Experience with security and operational related use cases is desired
- Splunk certifications: Architect, Consultant I, Consultant II, Admin, Power User
Security Clearance Requirements:
- Must possess an active TS/SCI w/polygraph.
Physical Requirements:
- Must be able to remain in a stationary position 75% of the time
- Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
- Must be able to view and detect information on a computer screen