Cyber Detection Engineer

ManTech

ManTech seeks a motivated, career and customer-oriented CyberDetection Engineer to join our team in McLean, Virginia. As a Cyber Detection Engineer on our team, you will enhance our cybersecurity detection and response capabilities. You will play a key role in improving our ability to identify, analyze, and respond to cyber threats through custom detection logic, automated workflows, and advanced threat-hunting techniques. This role is ideal for someone with strong programming skills, deep knowledge of Security Information & Event Management(SIEM) platforms, and experience developing high-fidelity security detections and automation workflows.

Responsibilities include, but are not limited to:

• Detection Engineering & Development
• Security Automation & Orchestration
• Threat Detection & Analysis
• Endpoint & Network Security (EDR & NDR)

Required Qualifications:

• Bachelor’s Degree and 2+ years of experience in cyber security operations or High School Diploma and 6+ years of experience in operations
• Experience in cyber detection engineering, threat hunting, incident response, cyber network operations (CNO) or cyber network engineering (CNE)
• Experience programming in Python or a similar language for automation and data analysis
• Experience with SIEM platforms such as Splunk, ELK, Sentinel, Chronicle, or similar
• Experience with YARA, Snort, Suricata, or other signature-based detection technologies
• Experience working with MITRE ATT&CK framework, or similar, for adversary tactics and techniques mapping

Preferred Qualifications:

• Experience with penetration testing, red teaming, or reverse engineering
• Experience with SOAR solutions and automation workflows
• Experience developing custom detection methodologies
• Experience with threat intelligence platforms and integrating threat intelligence feeds into security operations
• Knowledge of Windows Internals and forensic artifacts for endpoint security
• Certifications such as GCDA, GCIH, GCFA, OSCP, or Splunk Certified Security Professional

Clearance Requirements:

• Must have a current/active TS/SCI w/Polygraph

Physical Requirements:

• The person in this position must be able to remain in a stationary position 50% of the time

SKN.7.23