Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

IDS/IPS Cyber Security Engineer, Mid

DAn Solutions Inc

REQUIRES AN EXISTING/ACTIVE TS/SCI WITH CI POLYGRAPH - NO REMOTE WORK, MUST WORK ON SITE

Job Description:

We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). Highly qualified candidates will have hands-on engineering and O&M experience with Suricata and/or other network-based IDS capabilities such as Snort, VectraAI, Corelight, etc. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.

What You'll Work On:

· Designing, deploying, and maintaining IDS/IPS systems across a large enterprise with multiple networks.

· Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives.

· Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.

· Tuning IDS/IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.

· Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms.

· Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE-Linux policies, and performance tuning.

· Identifying and mitigating common pitfalls encountered when deploying IDS/IPS in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues.

· Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes.

· Staying current with Platform IDS/IPS Software releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement.

Basic Qualifications:

· Proven experience working with Snort, Suricata, Corelight or other network IDS/IPS systems, including hands-on management of its YAML configuration files.

· Strong knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules.

· Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SE-Linux configuration, and system optimization via Unix CLI and other remote shell access vectors (puTTY, SSH, etc.)

· Hands-on experience tuning Suricata for high-performance packet capture with Napatech NICs or similar advanced network interface cards.

· Familiarity with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities, and how to configure them for Suricata.

· Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment.

· TS/SCI clearance with the ability to obtain a counter-intelligence polygraph.

· Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree.

· DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification.

· Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date.

Additional Qualifications:

· Experience with scripting languages (Bash, Python, YAML/Ansible, etc.) to automate Suricata configuration and deployment tasks.

· Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation.

· Experience integrating Suricata with Splunk, or other SIEM solutions.

· Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments.

· Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra AI, Dark Trace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, Trend Vision, etc.

· Ability to be a self-starter, work without considerable direction, and work with a team.

· Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts

Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the IDS/IPS Cyber Security Engineer, Mid in Washington DC vacancy
  •  ...clients to fulfill staffing needs in IT, Security, Business Support, and Operations....  ...and networks from potential cyber-attacks. The Cyber Security Engineer must display an excellent understanding...  ...VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and... 
    Suggested
    For subcontractor
    Local area

    Red Key Solutions

    Bethesda, MD
    1 day ago
  •  ...Forescout Cyber Security Engineer, Mid What You'll Work On: · Develop relationships quickly and easily with other teams, communicating the...  ...security upgrades · Experience architecting and designing IP networks, including developing and documenting network topologies... 
    Suggested
    Contract work

    Cinteot Inc.

    Riverdale, MD
    1 day ago
  •  ...Requisition ID: 2673 Standard Title: Cyber Security Engineer Required Security Clearance: Top Secret/SCI Location: Bethesda, MD Work Type:...  ...Experience with middleware/web technologies, databases, TCP/IP networking, and CI/CD platforms. Familiarity... 
    Suggested
    Hourly pay
    Contract work
    Temporary work
    Immediate start
    Flexible hours
    Shift work

    Base2 Solutions

    Bethesda, MD
    4 days ago
  •  ...Job Description Job Title: Cyber Security Engineer Company: Client of BizFirst Employment Type: Full-time Permanent W-2 Employee...  ...with security tools and technologies such as firewalls, IDS/IPS, SIEM, antivirus, and endpoint protection. • Vulnerability... 
    Suggested
    Permanent employment
    Full time
    2 days per week
    3 days per week

    Biz First

    Alexandria, VA
    11 days ago
  •  ...Description Cyber Security Engineer SME – TS/SCI with Full Scope Polygraph Xcelerate Solutions is seeking a highly skilled Cyber Security...  ...(Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and Security Audits. Candidate... 
    Suggested

    VMD Corp

    Bethesda, MD
    21 hours ago
  •  ...Description Senior Cybersecurity Engineer Role Summary The Senior Cybersecurity...  ...'s technology environment remains secure, compliant, and resilient against emerging...  ...remediation actions. Utilize SIEM, EDR, and IDS/IPS platforms such as CrowdStrike and... 
    Full time
    Local area

    Howard University Hospital

    Washington DC
    3 days ago
  • $145k - $210k

     ...Senior Cyber Security Engineer Cooley is seeking a Senior Cyber Security Engineer to join the Security team. Position summary: Cooley...  ...gateways, firewalls, encryption systems, anti-malware systems, IDS/IPS Configure, maintain, and administer security products... 
    Full time
    Temporary work
    Work at office
    Flexible hours
    Weekend work

    Cooley

    Washington DC
    4 days ago
  •  ...experienced OT/ICS Cybersecurity & Network Security Engineer to serve as the primary liaison between...  ...or unauthorized activity. Maintain IP addressing, device inventories, and...  ...Ability to deploy or configure firewalls, IDS/IPS, CPS, and network devices. Ability... 
    Remote work

    Convergenz

    Bethesda, MD
    21 hours ago
  • We are conducting a search for a Mid‑Level Application Engineer - Cyber Security Analytics Engineer. We are seeking an ideal candidate who can develop and manage software tools to support Enterprise Management. This role involves formulating and defining specifications... 

    SourcePro Search

    Washington DC
    21 hours ago
  • $66.9k - $82.1k

     ...Cybersecurity Incident Response Engineer, Mid supports the detection,...  ...the speed and consistency of security operations. The engineer performs...  ...and incidents using SIEM, IDS/IPS, EDR, and related tools to...  ...platforms integrated with SOC and cyber defense functions.... 
    Contract work
    Work experience placement
    Work at office

    ASM Research, An Accenture Federal Services Company

    Washington DC
    21 hours ago
  • SourcePro Search is seeking a Mid-Level Application Engineer - Cyber Security Analytics Engineer in Washington, DC. The ideal candidate will develop and manage software tools to support Enterprise Management, focusing on software specifications, program design, and documentation... 

    SourcePro Search

    Washington DC
    21 hours ago
  • Cybersecurity Engineer - Mid Position Title: Cybersecurity Engineer - Mid Program: SBA Enterprise...  ...services aligned with enterprise security modernization initiatives. The Cybersecurity...  ...SIEM, EDR, vulnerability management, IDS/IPS, MFA, and security monitoring platforms... 

    cFocus Software Incorporated

    Washington DC
    2 days ago
  •  ...Cyber Security Threat Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across...  ...Perform software testing (patches, other updates) Troubleshoot OSI layer and TCP/IP related problems.... 

    Comtech LLC

    Washington DC
    4 days ago
  •  ...Description Cyber Security Engineer - TS/SCI Xcelerate Solutions is seeking an exciting opening for you, our next TS/SCI Cyber...  ...MS SQL, MySQL, ElasticSearch, etc.) Understanding of TCP/IP networking. Experience with Continuous Integration and Continuous... 
    Contract work
    Remote work
    Flexible hours

    Xcelerate Solutions

    Bethesda, MD
    3 days ago
  • $112k - $179k

    Cyber Network Security Analyst job at Peraton. Arlington, VA. Program Overview About...  ...data, signature-based IDS alert/event data, full packet...  ...architectures (OSI-model, TCP/IP, major application protocols...  ...knowledge of intrusion detection engines, capabilities, and signature... 
    Internship
    Local area

    Payfuture Technologies

    Arlington, VA
    21 hours ago
  • $135k

     ...Native owned corporation, our work helps secure an enduring future for our shareholders....  ...Federal is looking for an experienced Senior Cyber Security Analyst (Incident Response &...  ...detection capabilities across SIEM, EDR/XDR, IDS/IPS, email security, and firewall platforms.... 
    Permanent employment
    Full time
    For contractors
    Remote work

    ASRC Federal Holding Company

    Beltsville, MD
    3 days ago
  •  ...Sr. Cyber Security Engineer Category: Analytics and Emerging Digital Technologies Main location: United States, District of Columbia, Washington Position ID: J0426-1406 Employment Type: Full Time U.S. - What we do matters ( By playing this video you... 
    Full time
    Local area

    CGI Technologies and Solutions, Inc.

    Washington DC
    3 days ago
  • $92k - $153k

     ...Job Family: IT Cyber Security Travel Required: Up to 10% Clearance Required:...  ...technology, or a related technical support or engineering role. Bachelors degree from an...  ...Accident Insurance, Legal Assistance and ID theft protection, etc.) ~ Position may... 
    Full time
    Temporary work
    Work experience placement
    Flexible hours
    Shift work

    Guidehouse

    Washington DC
    4 days ago
  •  ...experience levels. ** Security Clearance: Ability to obtain...  ...: Yes, with Real ID Compensation : Salary is...  ...Position Description The Field Engineer positions will be part...  ...on level (Junior, Mid, Senior, SME) Hands‑on...  ...basic understanding of IP networking concepts Experience... 
    Full time
    Contract work
    For contractors
    Work at office
    Remote work
    Relocation
    1 day per week

    Blackwatch International

    Alexandria, VA
    21 hours ago
  •  ...Celestial Innovations Group (CIG) is seeking a Mid Zero Trust Engineer to support federal agency clients in...  ...understands that Zero Trust is a security philosophy and architectural strategy,...  ...Microsoft Zero Trust: Microsoft Entra ID (Azure AD), Conditional Access, Intune/... 
    Remote work
    Work from home
    Flexible hours

    CELESTIAL INNOVATIONS GROUP LLC

    Washington DC
    25 days ago
  •  ...Overview Role Summary: The Cyber Security Engineer is responsible for developing and implementing security measures to protect the company's systems and data. Responsibilities Develop and implement security measures. Conduct security assessments and audits... 

    Beyond SOF

    Washington DC
    21 hours ago
  •  ...Description Join the Nalley Consulting team as a Cyber Analyst. Position: Cyber Analyst LCAT: Mid Location : Joint Base Anacostia-Bolling Shift...  ...interpret, forecast, and explain a range of national security issues and developments specific to the cyber... 
    Temporary work
    Flexible hours
    Shift work

    Nalley Consulting

    Washington DC
    3 days ago
  •  ...Cyber Security Operations Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across...  ...) Experience and knowledge of OSI layers and TCP/IP troubleshooting techniques. Experience with Firewall and... 

    Comtech LLC

    Washington DC
    4 days ago
  •  ...Senior Cyber Security Analyst The client is looking for a Senior Cyber...  ...swings (second shift), and mids. The current position will...  ...Utilize alerts from endpoints, IDS/IPS, netflow, and custom sensors...  ...knowledge of architecture, engineering, and operations of at least... 
    Work experience placement
    Shift work
    Day shift
    Afternoon shift

    Beyond SOF

    Arlington, VA
    24 days ago
  • $62k - $141k

     ...Penetration Tester and Operator, Mid page is loaded## Enterprise...  ...left to apply)job requisition id: R0238924Enterprise Cybersecurity...  ...penetration assessments to identify security risks within applications,...  ...technology solutions using AI, cyber, and other cutting-edge technologies... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Mc Lean, VA
    3 days ago
  • $154.05k - $278.48k

    Leidos has an exciting opportunity for a Cyber Security Engineer—Technical Lead in our Intel Security Sector's Analysis Solutions Business Area...  ...(Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web‑Proxy, Security tools, and Security Audits. Primary Responsibilities... 
    Immediate start
    Flexible hours

    Leidos LLC

    Bethesda, MD
    2 days ago
  •  ...design, development and programming, software engineering, systems development, testing,...  ...information, brand and intellectual property (IP), networks, systems and applications. Principal...  ...be exploited and introduce risk to the security of the client. Continually assesses and... 

    Atria Group LLC

    Washington DC
    1 day ago
  • ENS Solutions, LLC is seeking an experienced Suricata Engineer to join our cybersecurity team in Washington, D.C. The ideal candidate will...  ...optimizing packet capture performance, and collaborating with security teams. Benefits include comprehensive health coverage, 401k... 

    ENS Solutions, LLC

    Washington DC
    21 hours ago
  •  ...Everforth ECS Federal is seeking a Mid-Level Endpoint Security Engineer to support a mission-focused federal cybersecurity program in Washington DC. Please Note: This position is contingent upon contract award. Join Everforth ECS Federal to grow your endpoint... 
    Contract work

    ECS Limited

    Washington DC
    3 days ago
  • Nalley Consulting is seeking a Cyber Analyst at Joint Base Anacostia-Bolling. This mid-level position requires a TS/SCI clearance and involves conducting intelligence analysis on national security issues. Candidates should have at least 3 years of relevant experience in... 

    Nalley Consulting

    Washington DC
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to IDS/IPS Cyber Security Engineer, Mid. Be the first to apply!