Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

IDS/IPS Cyber Security Engineer, Mid

DAn Solutions Inc

REQUIRES AN EXISTING/ACTIVE TS/SCI WITH CI POLYGRAPH - NO REMOTE WORK, MUST WORK ON SITE

Job Description:

We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). Highly qualified candidates will have hands-on engineering and O&M experience with Suricata and/or other network-based IDS capabilities such as Snort, VectraAI, Corelight, etc. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.

What You'll Work On:

· Designing, deploying, and maintaining IDS/IPS systems across a large enterprise with multiple networks.

· Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives.

· Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.

· Tuning IDS/IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.

· Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms.

· Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE-Linux policies, and performance tuning.

· Identifying and mitigating common pitfalls encountered when deploying IDS/IPS in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues.

· Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes.

· Staying current with Platform IDS/IPS Software releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement.

Basic Qualifications:

· Proven experience working with Snort, Suricata, Corelight or other network IDS/IPS systems, including hands-on management of its YAML configuration files.

· Strong knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules.

· Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SE-Linux configuration, and system optimization via Unix CLI and other remote shell access vectors (puTTY, SSH, etc.)

· Hands-on experience tuning Suricata for high-performance packet capture with Napatech NICs or similar advanced network interface cards.

· Familiarity with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities, and how to configure them for Suricata.

· Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment.

· TS/SCI clearance with the ability to obtain a counter-intelligence polygraph.

· Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree.

· DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification.

· Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date.

Additional Qualifications:

· Experience with scripting languages (Bash, Python, YAML/Ansible, etc.) to automate Suricata configuration and deployment tasks.

· Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation.

· Experience integrating Suricata with Splunk, or other SIEM solutions.

· Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments.

· Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra AI, Dark Trace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, Trend Vision, etc.

· Ability to be a self-starter, work without considerable direction, and work with a team.

· Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts

Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the IDS/IPS Cyber Security Engineer, Mid in Washington DC vacancy
  •  ...Requisition ID: 2672 Standard Title: Senior Cyber Security Engineer Required Security Clearance: Top Secret/SCI Location: Bethesda, MD Work Type...  ...Experience with middleware/web technologies, databases, TCP/IP networking, and CI/CD platforms. Familiarity... 
    Suggested
    Hourly pay
    Contract work
    Temporary work
    Immediate start
    Flexible hours
    Shift work

    Base2 Solutions

    Bethesda, MD
    5 days ago
  •  ...Forescout Cyber Security Engineer, Mid What You'll Work On: · Develop relationships quickly and easily with other teams, communicating the...  ...security upgrades · Experience architecting and designing IP networks, including developing and documenting network topologies... 
    Suggested
    Contract work

    Cinteot Inc.

    Washington DC
    2 days ago
  •  ...clients to fulfill staffing needs in IT, Security, Business Support, and Operations....  ...and networks from potential cyber-attacks. The Cyber Security Engineer must display an excellent understanding...  ...VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and... 
    Suggested
    For subcontractor
    Local area

    Red Key Solutions

    Bethesda, MD
    2 days ago
  •  ...Description Cyber Security Engineer SME – TS/SCI with Full Scope Polygraph Xcelerate Solutions is seeking a highly skilled Cyber Security...  ...(Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and Security Audits. Candidate... 
    Suggested

    VMD Corp

    Bethesda, MD
    1 day ago
  •  ...Job Description Job Title: Cyber Security Engineer Company: Client of BizFirst Employment Type: Full-time Permanent W-2 Employee...  ...with security tools and technologies such as firewalls, IDS/IPS, SIEM, antivirus, and endpoint protection. • Vulnerability... 
    Suggested
    Permanent employment
    Full time
    2 days per week
    3 days per week

    Biz First

    Alexandria, VA
    12 days ago
  •  ...Description Senior Cybersecurity Engineer Role Summary The Senior Cybersecurity...  ...'s technology environment remains secure, compliant, and resilient against emerging...  ...remediation actions. Utilize SIEM, EDR, and IDS/IPS platforms such as CrowdStrike and... 
    Full time
    Local area

    Howard University Hospital

    Washington DC
    4 days ago
  • $145k - $210k

     ...Senior Cyber Security Engineer Cooley is seeking a Senior Cyber Security Engineer to join the Security team. Position summary: Cooley...  ...gateways, firewalls, encryption systems, anti-malware systems, IDS/IPS Configure, maintain, and administer security products... 
    Full time
    Temporary work
    Work at office
    Flexible hours
    Weekend work

    Cooley

    Washington DC
    5 days ago
  •  ...experienced OT/ICS Cybersecurity & Network Security Engineer to serve as the primary liaison between...  ...or unauthorized activity. Maintain IP addressing, device inventories, and...  ...Ability to deploy or configure firewalls, IDS/IPS, CPS, and network devices. Ability... 
    Remote work

    Convergenz

    Bethesda, MD
    1 day ago
  • $66.9k - $82.1k

     ...Cybersecurity Incident Response Engineer, Mid supports the detection,...  ...the speed and consistency of security operations. The engineer performs...  ...and incidents using SIEM, IDS/IPS, EDR, and related tools to...  ...platforms integrated with SOC and cyber defense functions.... 
    Contract work
    Work experience placement
    Work at office

    ASM Research, An Accenture Federal Services Company

    Washington DC
    1 day ago
  •  ...Description Cyber Security Engineer - TS/SCI Xcelerate Solutions is seeking an exciting opening for you, our next TS/SCI Cyber...  ...MS SQL, MySQL, ElasticSearch, etc.) Understanding of TCP/IP networking. Experience with Continuous Integration and Continuous... 
    Contract work
    Remote work
    Flexible hours

    Xcelerate Solutions

    Bethesda, MD
    4 days ago
  •  ...Cyber Security Threat Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across...  ...Perform software testing (patches, other updates) Troubleshoot OSI layer and TCP/IP related problems.... 

    Comtech LLC

    Washington DC
    5 days ago
  • $135k

     ...Native owned corporation, our work helps secure an enduring future for our shareholders....  ...Federal is looking for an experienced Senior Cyber Security Analyst (Incident Response &...  ...detection capabilities across SIEM, EDR/XDR, IDS/IPS, email security, and firewall platforms.... 
    Permanent employment
    Full time
    For contractors
    Remote work

    ASRC Federal Holding Company

    Beltsville, MD
    4 days ago
  • $92k - $153k

     ...Job Family: IT Cyber Security Travel Required: Up to 10% Clearance Required:...  ...technology, or a related technical support or engineering role. Bachelors degree from an...  ...Accident Insurance, Legal Assistance and ID theft protection, etc.) ~ Position may... 
    Full time
    Temporary work
    Work experience placement
    Flexible hours
    Shift work

    Guidehouse

    Washington DC
    5 days ago
  •  ...Sr. Cyber Security Engineer Category: Analytics and Emerging Digital Technologies Main location: United States, District of Columbia, Washington Position ID: J0426-1406 Employment Type: Full Time U.S. - What we do matters ( By playing this video you... 
    Full time
    Local area

    CGI Technologies and Solutions, Inc.

    Washington DC
    4 days ago
  •  ...Celestial Innovations Group (CIG) is seeking a Mid Zero Trust Engineer to support federal agency clients in...  ...understands that Zero Trust is a security philosophy and architectural strategy,...  ...Microsoft Zero Trust: Microsoft Entra ID (Azure AD), Conditional Access, Intune/... 
    Remote work
    Work from home
    Flexible hours

    CELESTIAL INNOVATIONS GROUP LLC

    Washington DC
    26 days ago
  •  ...Description Join the Nalley Consulting team as a Cyber Analyst. Position: Cyber Analyst LCAT: Mid Location : Joint Base Anacostia-Bolling Shift...  ...interpret, forecast, and explain a range of national security issues and developments specific to the cyber... 
    Temporary work
    Flexible hours
    Shift work

    Nalley Consulting

    Washington DC
    4 days ago
  •  ...Overview Role Summary: The Cyber Security Engineer is responsible for developing and implementing security measures to protect the company's systems and data. Responsibilities Develop and implement security measures. Conduct security assessments and audits... 

    Beyond SOF

    Washington DC
    1 day ago
  •  ...Senior Cyber Security Analyst The client is looking for a Senior Cyber...  ...swings (second shift), and mids. The current position will...  ...Utilize alerts from endpoints, IDS/IPS, netflow, and custom sensors...  ...knowledge of architecture, engineering, and operations of at least... 
    Work experience placement
    Shift work
    Day shift
    Afternoon shift

    Beyond SOF

    Arlington, VA
    25 days ago
  •  ...Cyber Security Operations Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across...  ...) Experience and knowledge of OSI layers and TCP/IP troubleshooting techniques. Experience with Firewall and... 

    Comtech LLC

    Washington DC
    5 days ago
  •  ...Everforth ECS Federal is seeking a Mid-Level Endpoint Security Engineer to support a mission-focused federal cybersecurity program in Washington DC. Please Note: This position is contingent upon contract award. Join Everforth ECS Federal to grow your endpoint... 
    Contract work

    ECS Limited

    Washington DC
    4 days ago
  • $86.8k - $135.63k

     ...Responsibilities * This is for a potential upcoming opportunity. Position Overview The Cyber Security Engineer (CSE3) provides cybersecurity engineering and Risk Management Framework (RMF) support to the PMS 339 Surface Training Systems Program Office . This... 
    Full time
    Contract work
    Part time
    Interim role
    Work at office
    Local area
    Remote work

    Noblis

    Washington DC
    3 days ago
  • $110k

     ...to receive the highest form of third-party validation. Responsibilities ValidaTek is seeking a highly skilled Senior Security Engineer to provide advanced technical expertise in securing complex enterprise IT environments. This role involves designing, implementing... 
    Contract work
    Remote work

    ValidaTek

    Arlington, VA
    2 days ago
  •  ...Cyber Security Requires US Citizenship Employment Term and Type: Regular, Full Time Required Security Clearance: TS/SCI Required Education...  ...to include Secure Information Systems, Security and Engineering and Intelligence Analysis. Our turnkey solutions include design... 
    Full time
    For contractors
    Casual work
    Work at office
    Remote work
    Worldwide

    FGS

    Suitland, MD
    5 days ago
  •  ...position ensures the technological and digital security of the Bank at a high level of ability...  ...expertise. Mitigates exposure to cyber threats, security risks, and unauthorized...  ...minimum of 6 years of experience in systems engineering, networking or information security... 
    Remote work

    First Citizens Bank

    Arlington, VA
    8 days ago
  • $132k - $140k

     ...Cyber Security Engineer Bethesda, Maryland DLH delivers improved health and national security readiness solutions for federal programs through science research and development, systems engineering and integration, and digital transformation. Our experts in public... 
    Temporary work
    Flexible hours

    DLH Corporation

    Bethesda, MD
    5 days ago
  •  ...Cyber Security Engineer Abacus Technology is seeking a Cyber Security Engineer to provide security support for the Federal Aviation Administration (FAA). This is a full-time position. Responsibilities Design and implement security architecture that addresses... 
    Full time

    Abacus Technology

    Washington DC
    1 day ago
  •  ...LLC, a Koniag Government Services company , is seeking a Mid-Level Applied Security Architect to support KPS and our government customer in...  ...Bachelor's degree in computer science, information security, engineering, or a related field. 4-6 years of experience in... 
    For contractors
    Work at office
    Local area
    Remote work
    Flexible hours

    Koniag

    Washington DC
    4 days ago
  •  ...Mid-Level Information Systems Security Engineer (ISSE) who will be responsible for management of the certification and accreditation of computer networks and standalone information systems using government standards. Duties may include: Maintain responsibility... 
    Local area

    IC-CAP, LLC

    Washington DC
    1 day ago
  •  ...Cyber Security Engineering Sme Abacus Technology is seeking a Cyber Security Engineering Sme to provide security and test and evaluation support for the RDT&E Engineering and Technical Support (RETS) program. This is a full-time position. Responsibilities... 
    Full time

    Abacus Technology

    Washington DC
    9 days ago
  • $110k - $135k

     ...Manager, the Web Developer Embeds security across the SDLC for mission-...  ...~3+ Web AppSec / AppSec Engineering / SSDLC ~ Modern web tech incl...  ...tools (Wireshark, SIEM, IDS/IPS, NDR, EDR); risk assessment;...  ...Education:Bachelor's+ (CS/Cyber/IS/Engineering/related).... 

    BaseCamp Consulting & Solutions

    Washington DC
    13 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to IDS/IPS Cyber Security Engineer, Mid. Be the first to apply!