Cyber Data and Applications Specialist with Security Clearance

Huntsville, Alabama

ManTech International
ManTech seeks a highly skilled and knowledgeable Cyber Data and Applications Specialist for a position that is located on customer site in Huntsville, AL. This individual will be responsible for developing, operating, maintaining, and enhancing a suite of cybersecurity tools deployed across secure enclaves to support incident response, threat detection, and event monitoring, as well as integrating data from centralized and local system sources.

Responsibilities include but are not limited to:
Design, develop, deliver, and sustain cyber capabilities / applications, algorithms, and automation to optimize workflows and improve data analysis to support a SOC and other cyber groups; responsible for program design, coding, testing, debugging, and documentation.
Maintain data ingestion configurations to collect and parse log and event data from various sources and various threat intelligence data and feeds into the SIEM.
Create and optimize queries and rules to detect suspicious activities or patterns in the data in the SIEM platform.
Develop and maintain playbooks, reports, dashboards, and automated responses for the SIEM.
Develop reports and dashboards for compliance monitoring and reporting from SIEM data.
Ensure that cyber tools and infrastructure remain operational, resilient, and adaptable to evolving threats.
Collaborate to integrate security requirements into technical solutions and conduct ongoing research to incorporate emerging technologies, enhancing the organization's overall cybersecurity posture.
Recommend and utilize the appropriate programming language for each component or workload based upon performance requirements, supportability, integration with existing components, maintainability, and other selection criteria deemed applicable.
Ensure DevSecOps and CI/CD processes and SOPs for Agile (SAFe, Scrum, Kanban) and DevSecOps methods are documented and maintained.

Basic Qualifications:
8+ years of IT experience.
3+ years of experience developing and maintaining cyber applications / tools for a SOC or cyber program
Experience with Splunk
3+ years of experience in Linux administration, as well as testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for a cybersecurity/SOC environment
Experience developing, creating, modifying, and maintaining computer applications, software, or specialized utility programs for cybersecurity
In-depth experience with design and development of complex server based, client/server, service oriented, micro-service, and/or n-tiered applications in a hybrid environment (on premise and AWS cloud).

Preferred Qualifications:
Bachelor's degree, preferably in IT, Cybersecurity, Engineering, Computer Science, Mathematics, or related discipline.
Experience integrating third-party components, introducing new custom capabilities, modifying existing code, recommending process improvements, and automating operations and maintenance tasks for applications and tools for a SOC environment.
Experience with Oracle and MS SQL based platforms.
Experience with Python and other scripting languages.
Experience with AWS.
Preferred certifications:
Red Hat Certified Systems Administrator (RHCSA)
AWS Certified Cloud Practitioner
AWS Certified DevOps Engineer Associate

Clearance Requirement:
Must have an Active Top Secret with the ability to obtain SCI eligibility prior to starting this position.

Physical Requirements:
Must be able to remain in a stationary position 50%
Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
Date Posted: 23 May 2025