**_All ManTech employees will need to meet the requirements set forth in Executive Order 14042 and the Safer Federal Workforce Task Force Guidance requiring all covered contractor personnel to be fully vaccinated against COVID-19._**
**Secure our Nation, Ignite your Future**
Responsible for day to day maintenance of the SIEM tool and its architecture. Proactively monitor O&M actions through the use of dashboards and quickly resolve any anomalies. Provide weekly Quality of Service metrics demonstrating account management and system up/down time of all critical components. Responsible for all threshold assignments and load balancing of Audit infrastructure and create new connectors, loggers, indexers when required. Consistently strive to make the Audit SIEM more efficient and effective through the use of ArcMC or Splunk tools and recommended procedures and protocols. Perform routine ConMon activities and standard O&M procedures. Performs account management activities for all engineers, required users and customers.
• Coordinate the engineering, integration, and administration function required to deliver capabilities and services to the enterprise.
• Ensure that all aspects of the projects are completed and delivered according to the implementation plan and schedule.
• Responsible for the build-out and testing of sophisticated HP ArcSight and Splunk applications in a virtual environment.
• Perform various Linux systems administration tasks related to the operational system: backups, account management, and bash scripting to automate tasks.
• Verification and validation that the segments are operating as desired, audit events are being processed, metrics generation, and ensuring that all required systematic audit events are being accomplished.
• Operate and multitask in a dynamic high tempo environment.
• Perform the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline.
• Perform change request (CR), service request (SR) and request for change (RFC) activities.
• Perform work duties in a government environment as part of a multi-contractor team.
• Responsible for configuring, installing, and hardening ArcSight/Splunk components and architecture.
• Facilitate the enablement, collection, and verification of customer data within Audit SIEM tools.
• Develop search queries and create custom dashboards to support Enterprise Audit service.
• Leverage expertise with the ArcSight Management Center for operations and maintenance of the ArcSight Infrastructure including health of connectors, loggers, and ESMs.
• Provide weekly Audit quality of service and account metrics and develop powershell scripts to deliver onboarding metrics.
• Research, test and deliver new vendor event collection solutions for the enterprise audit service
• Integration of systems applications.
• Perform Ansible playbooks for automation of O&M procedures and metrics.
• Create Splunk dashboards for O&M monitoring and metrics.
• Tier 2 & 3 support to the customer to include troubleshooting and resolution of network and log parsing problems as they occur.
• Configuration management to include:
• IP subnets assigned to Audit
• Develop and maintain current/future system diagrams and rack elevations
• maintaining the configuration baseline for deployed servers
• Maintaining and applying security related patches.
• Experience with ArcSight Loggers, Connectors, Enterprise Service Managers, and dashboards.
• Experience with ArcSight Management Center (ArcMC)
• System design and integration experience
• Installing, configuring and hardening of VCenter, VMWare, Windows Server 2016 and Hyper V, LINUX OS, and ArcSight application (ArcMC, ESMs, Loggers, and Smart Connectors)
• Risk Management Framework knowledge and experience
• Certification and verification of IT architecture for compliance with security requirements
• Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and Enterprise Audit
• Ability to clearly articulate ideas for executive – level as well as technical staff consumption
**Qualifications and Skills:**
• Must possess the required DoD Directive 8570.1 IAT Level II or higher certification.
• Must possess an active TS/SCI security clearance with polygraph.
• The ideal candidate will be able to work independently and be able to take on tasks quickly with minimal direction.
• Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.
• Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.
• A solid understanding of Linux and Windows systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required.
• Familiarity with the Certification & Accreditation process is preferable but not required.
• Master’s Degree in Engineering, Computer Science, Information Technology, or Science, Technology, Engineering and Mathematics (STEM) related field with five years of experience or a Bachelor’s Degree in Engineering, Computer Science, Information Technology, or Science, Technology, Engineering and Mathematics (STEM) related field with at least eight years of experience.
• Must be able to remain in a stationary position 50%
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
• The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click firstname.lastname@example.org and provide your name and contact information.