Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

IDS/IPS Cyber Security Engineer, Mid

DAn Solutions Inc

REQUIRES AN EXISTING/ACTIVE TS/SCI WITH CI POLYGRAPH - NO REMOTE WORK, MUST WORK ON SITE

Job Description:

We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). Highly qualified candidates will have hands-on engineering and O&M experience with Suricata and/or other network-based IDS capabilities such as Snort, VectraAI, Corelight, etc. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.

What You'll Work On:

· Designing, deploying, and maintaining IDS/IPS systems across a large enterprise with multiple networks.

· Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives.

· Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.

· Tuning IDS/IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.

· Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms.

· Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE-Linux policies, and performance tuning.

· Identifying and mitigating common pitfalls encountered when deploying IDS/IPS in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues.

· Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes.

· Staying current with Platform IDS/IPS Software releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement.

Basic Qualifications:

· Proven experience working with Snort, Suricata, Corelight or other network IDS/IPS systems, including hands-on management of its YAML configuration files.

· Strong knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules.

· Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SE-Linux configuration, and system optimization via Unix CLI and other remote shell access vectors (puTTY, SSH, etc.)

· Hands-on experience tuning Suricata for high-performance packet capture with Napatech NICs or similar advanced network interface cards.

· Familiarity with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities, and how to configure them for Suricata.

· Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment.

· TS/SCI clearance with the ability to obtain a counter-intelligence polygraph.

· Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree.

· DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification.

· Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date.

Additional Qualifications:

· Experience with scripting languages (Bash, Python, YAML/Ansible, etc.) to automate Suricata configuration and deployment tasks.

· Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation.

· Experience integrating Suricata with Splunk, or other SIEM solutions.

· Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments.

· Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra AI, Dark Trace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, Trend Vision, etc.

· Ability to be a self-starter, work without considerable direction, and work with a team.

· Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the IDS/IPS Cyber Security Engineer, Mid in Washington DC vacancy
  •  ...Requisition ID: 2672 Standard Title: Senior Cyber Security Engineer Required Security Clearance: Top Secret/SCI Location: Bethesda, MD Work Type...  ...Experience with middleware/web technologies, databases, TCP/IP networking, and CI/CD platforms. Familiarity... 
    Suggested
    Hourly pay
    Contract work
    Temporary work
    Immediate start
    Flexible hours
    Shift work

    Base2 Solutions

    Bethesda, MD
    3 days ago
  •  ...Cyber Security Engineer Hoplite Solutions is seeking multiple Cyber Security Engineers. This role is responsible for protecting the customer...  ...(Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and Security Audits. Candidates... 
    Suggested
    Temporary work
    Work experience placement

    Hoplite Solutions LLC

    Bethesda, MD
    1 day ago
  •  ...Cyber Security Engineer Company: Client of BizFirst Employment Type: Full-time Permanent W-2 Employee Work Type: Hybrid (2-3 days/week onsite...  ...with security tools and technologies such as firewalls, IDS/IPS, SIEM, antivirus, and endpoint protection. Vulnerability Management... 
    Suggested
    Permanent employment
    Full time
    2 days per week
    3 days per week

    Biz First

    Alexandria, VA
    5 days ago
  •  ...Manufacturing Co is seeking a Firewall Engineer Level 3 in Suitland, MD to support a DoD...  ...candidate will possess advanced knowledge in IPS/IDS and Firewall technologies. This role...  ...includes responsibilities such as designing security policies, managing security appliances,... 
    Suggested

    Dormont Manufacturing Company

    Suitland, MD
    1 day ago
  • cFocus Software seeks a Cyber Security Engineer II to join our program supporting the National Institutes of Health (NIH). This position is fully...  ...of network security technologies including firewalls, IDS/IPS, web application firewalls, secure gateways, and network segmentation... 
    Suggested
    Remote work

    cFocus Software Incorporated

    Bethesda, MD
    3 days ago
  • $145k - $165k

     ...Description Senior Cybersecurity Engineer Role Summary The Senior Cybersecurity...  ...'s technology environment remains secure, compliant, and resilient against emerging...  ...remediation actions. Utilize SIEM, EDR, and IDS/IPS platforms such as CrowdStrike and... 
    Full time
    Local area

    Howard University Hospital

    Washington DC
    2 days ago
  •  ...esteemed Randstad client in Washington, D.C. is seeking a Senior Cyber Security Engineer for a 12+ month contract role. This crucial position...  ...Data Classification, Access Controls, Network Security (FW, IDS, IPS, etc.), and Web Application Firewall Security. Possession... 
    Contract work

    E-Solutions

    Washington DC
    2 days ago
  • $145k - $210k

     ...Senior Cyber Security Engineer Cooley is seeking a Senior Cyber Security Engineer to join the Security team. Position summary: Cooley...  ...gateways, firewalls, encryption systems, anti-malware systems, IDS/IPS Configure, maintain, and administer security products... 
    Full time
    Temporary work
    Work at office
    Flexible hours
    Weekend work

    Cooley

    Washington DC
    3 days ago
  • We are conducting a search for a Mid‑Level Application Engineer - Cyber Security Analytics Engineer. We are seeking an ideal candidate who can develop and manage software tools to support Enterprise Management. This role involves formulating and defining specifications... 

    SourcePro Search

    Washington DC
    4 days ago
  • SourcePro Search is seeking a Mid-Level Application Engineer - Cyber Security Analytics Engineer in Washington, DC. The ideal candidate will develop and manage software tools to support Enterprise Management, focusing on software specifications, program design, and documentation... 

    SourcePro Search

    Washington DC
    4 days ago
  • $105.52k - $115k

     ...reputation for creating meaningful change in the world. Job Title Cyber Security Engineer III (Information Security Engineering) Summary The Cyber...  ..., macOS), internet applications (email, web, DNS/DHCP, TCP/IP), desktop software, antivirus tools, encryption technologies... 
    Full time
    Work at office
    Local area
    Remote work
    Monday to Friday
    Night shift
    Afternoon shift

    American University

    Washington DC
    5 days ago
  •  ...Cyber Security Threat Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across...  ...Perform software testing (patches, other updates) Troubleshoot OSI layer and TCP/IP related problems.... 

    Comtech LLC

    Washington DC
    3 days ago
  • $112k - $179k

    Cyber Network Security Analyst job at Peraton. Arlington, VA. Program Overview About...  ...data, signature-based IDS alert/event data, full packet...  ...architectures (OSI-model, TCP/IP, major application protocols...  ...knowledge of intrusion detection engines, capabilities, and signature... 
    Internship
    Local area

    Payfuture Technologies

    Arlington, VA
    4 days ago
  •  ...Thriving" ($5MM–$50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)...  ...~3+ years of experience as a lead Engineer ~ CISSP required ~5 years of experience...  ...cyberattack. ~ Communicate the organization's security posture, risks, and incident status to... 
    Contract work

    True Zero Technologies, LLC

    Alexandria, VA
    2 days ago
  •  ...Senior Cyber Security Analyst The client is looking for a Senior Cyber...  ...swings (second shift), and mids. The current position will...  ...Utilize alerts from endpoints, IDS/IPS, netflow, and custom sensors...  ...knowledge of architecture, engineering, and operations of at least... 
    Work experience placement
    Shift work
    Day shift
    Afternoon shift

    Beyond SOF

    Arlington, VA
    2 days ago
  •  ...Join the Nalley Consulting team as a Cyber Analyst. Position: Cyber Analyst LCAT: Mid Location: Joint Base Anacostia-Bolling Shift work: No Clearance requirement...  ...interpret, forecast, and explain a range of national security issues and developments specific to the cyber domain.... 
    Temporary work
    Flexible hours
    Shift work

    NALLEY CONSULTING, LLC

    Washington DC
    5 days ago
  • $154.05k - $278.48k

    Leidos has an exciting opportunity for a Cyber Security Engineer—Technical Lead in our Intel Security Sector's Analysis Solutions Business Area...  ...(Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web‑Proxy, Security tools, and Security Audits. Primary Responsibilities... 
    Immediate start
    Flexible hours

    Leidos LLC

    Bethesda, MD
    1 day ago
  •  ...design, development and programming, software engineering, systems development, testing,...  ...information, brand and intellectual property (IP), networks, systems and applications. Principal...  ...be exploited and introduce risk to the security of the client. Continually assesses and... 

    Atria Group

    Washington DC
    5 days ago
  • ENS Solutions, LLC is seeking an experienced Suricata Engineer to join our cybersecurity team in Washington, D.C. The ideal candidate will...  ...optimizing packet capture performance, and collaborating with security teams. Benefits include comprehensive health coverage, 401k... 

    ENS Solutions, LLC

    Washington DC
    4 days ago
  • $83k - $139k

    GIS Engineer (Mid) page is loaded## GIS Engineer (Mid)locations: Bolling AFB, DC: Arlington, VA...  ...on: Posted Todayjob requisition id: R23747Vantor is forging the new frontier...  ...position requires an active U.S. Government security clearance, applicants who do not currently... 

    MAXAR TECHNOLOGIES, INC.

    Arlington, VA
    2 days ago
  • Nalley Consulting is seeking a Cyber Analyst at Joint Base Anacostia-Bolling. This mid-level position requires a TS/SCI clearance and involves conducting intelligence analysis on national security issues. Candidates should have at least 3 years of relevant experience in... 

    NALLEY CONSULTING, LLC

    Washington DC
    23 hours ago
  • $62k - $141k

     ...Cybersecurity Analyst, Mid The Opportunity: Warnings about cyber threats are everywhere and the constantly...  ...your knowledge as an Information Security Risk Specialist who knows how to...  ...Cybersecurity, Information Systems, CS, or Engineering field Industry-recognized... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Washington DC
    2 days ago
  • $62k - $141k

     ...Cybersecurity Analyst, Mid Warnings about cyber threats are everywhere and the constantly evolving...  ...build your knowledge as an Information Security Risk Specialist who knows how to...  ...Cybersecurity, Information Systems, CS, or Engineering field Industry-recognized... 
    Local area

    Booz Allen Hamilton

    Washington DC
    3 days ago
  •  ...application scanning, phishing campaigns, cloud access security broker, and other cross functional security tools....  ...various information security technologies (i.e., IDS/IPS, HIPS, DLP, firewalls, network engineering, database, etc.). In-depth experience with cybersecurity... 

    Software Technology Inc

    Washington DC
    2 days ago
  •  ...Cybersecurity Engineer (Zero Trust) Client: Federal Client Location: Washington DC Interview Type: Microsoft Teams Opportunity...  ...support of NEA’s transition to Zero Trust and a Data Centric Security Architecture. The Cybersecurity Engineer shall support the... 
    Contract work
    H1b
    Work at office
    Immediate start

    Argyle Infotech

    Washington DC
    2 days ago
  •  ...Overview Role Summary: The Cyber Security Engineer is responsible for developing and implementing security measures to protect the company's systems and data. Responsibilities Develop and implement security measures. Conduct security assessments and audits... 

    Beyond SOF

    Washington DC
    1 day ago
  • $86.8k - $135.63k

     ...Responsibilities * This is for a potential upcoming opportunity. Position Overview The Cyber Security Engineer (CSE3) provides cybersecurity engineering and Risk Management Framework (RMF) support to the PMS 339 Surface Training Systems Program Office . This... 
    Full time
    Contract work
    Part time
    Interim role
    Work at office
    Local area
    Remote work

    Noblis

    Washington DC
    1 day ago
  •  ...Position: Cyber Security Engineer Location: Arlington, VA Role: Deliver security architecture expertise, and best practices oversight. Responsible for designing, architecting, and supporting the administration and management of the IT/OT Security infrastructure... 

    3B Staffing LLC

    Arlington, VA
    3 days ago
  •  ...Cyber Security Requires US Citizenship Employment Term and Type: Regular, Full Time Required Security Clearance: TS/SCI Required Education...  ...to include Secure Information Systems, Security and Engineering and Intelligence Analysis. Our turnkey solutions include design... 
    Full time
    For contractors
    Casual work
    Work at office
    Remote work
    Worldwide

    FGS

    Suitland, MD
    3 days ago
  • Job Posting This contractor and subcontractor shall abide by the requirements of 41 CFR 60–1.4(a), 60–300.5(a) and 60–741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities...
    For contractors
    For subcontractor

    TSC Corp

    Arlington, VA
    5 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to IDS/IPS Cyber Security Engineer, Mid. Be the first to apply!