Sr. Cyber Hunt Engineer

ManTech


  Full Time   Employee   Contractor

San Antonio
United States

Position Title: Senior Cyber Hunt Engineer

Position Description: Lead cyber engineer supporting an innovative research and development (R&D) project with the Air Force Research Lab to produce an autonomous cyber defense capability that integrates within Air Force Cyber Protection Team (CPT) and Computer Network Defense Service Provider (CNDSP) weapon systems for 1) identifying Defensive Cyber Operations (DCO) decision points, and 2) establishing sensor technology that receives decisions and acts upon them in real time based on pre-approved action sequences. The primary goals of the devised solution are to 1) bridge the gap from what is known about key terrain assets and perceived threats to what is unknown on the endpoint and what malicious activity is actually occurring, and 2) combine cutting-edge analytics with triggered sensor technology to enable autonomous defensive action in cyberspace at machine speed.

Position Responsibilities:
•Architect innovative autonomous cyber defense solution to meet operational requirements
•Collaborate with operational stakeholders to collect, refine, and resolve requirements
•Integrate solution into cyber weapons systems consisting of multiple frameworks to include, but not limited to: Elastic Stack, Splunk, Cyber Situational Awareness and Analytic Cloud (CSAAC), Metasponse, and/or other cloud-based architectures
•Engineer infrastructure to replicate cyber weapon system components and subsystems, and maintain research, development, test, and evaluation (RDT&E) environment
•Design and execute end-to-end DevOps process for continuous integration coupled with test automation
•Use high-level scripting/programming language to support the development of endpoint sensor component and analytic bridge component
•Analyze threat intelligence (e.g. actors, hack tools, exploits, malware, etc.), determine techniques, tactics, and procedures (TTPs) of Threat Actors, and engineer effective countermeasures within an autonomous context
•Support the development of innovative cyber data analytic techniques for automatic correlation of advanced threats and indicators of compromise
•Translate analytical findings into security “use cases” that can be implemented within the autonomous solution
•Collaborate with other developers, testers, and system engineers to ensure quality product deliverables

Position Requirements:
•Bachelor's degree or equivalent combination of education and experience
•Bachelor’s degree in one of the following disciplines: Computer Engineering, Computer Science, Math, Software Engineering or a related field preferred
•Seven or more years of experience working with specific software and/or hardware systems with a specific concentration in one or more areas, for example:
•Windows Active Directory domain administration
•Linux and/or Unix system/network administration
•Integrating Microsoft and Linux/Unix infrastructure
•Virtualization (e.g., VMware, VirtualBox)
•Layer 2/3 technologies and protocols, VLANs, IOS management and Cisco router and switch experience
•Elastic Stack, Splunk, CSAAC, Metasponse, and/or other cloud environment
•Knowledge of network protocols and related security concepts
•Knowledge of operating system internals
•Experience with DevOps and related technologies
•Experience with source control and code repository tools
•Experience working with one or more structured programming languages (Python a plus)
•Experience with Windows (batch) and Linux (bash) Shell Scripting
•Knowledge of certification and accreditation process and documentation with a focus on Risk Management Framework (RMF)
•Passion for low-level network engineering and cyber security
•Possess excellent oral and written communication skills and critical thinking
•Flexibility in meeting schedule commitments
•Proactive, analytic, top-down thinker with a successful track record solving complex problems
•Self-learning initiative to remain knowledgeable of evolving offensive and defensive technologies and adversarial tradecraft
•Thought leadership and ability to advance continuous innovation for autonomous cyber defense effects

Security Requirements:
•Eligible for Top Secret / Sensitive Compartmented Information (TS/SCI) clearance

Travel Requirements:
•No travel anticipated

•San Antonio, TX


To apply for this job, contact:
Human Resources

