IDS/IPS Cyber Security Engineer, Mid
DAn Solutions Inc
REQUIRES AN EXISTING/ACTIVE TS/SCI WITH CI POLYGRAPH - NO REMOTE WORK, MUST WORK ON SITE
Job Description:
We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). Highly qualified candidates will have hands-on engineering and O&M experience with Suricata and/or other network-based IDS capabilities such as Snort, VectraAI, Corelight, etc. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.
What You'll Work On:
· Designing, deploying, and maintaining IDS/IPS systems across a large enterprise with multiple networks.
· Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives.
· Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.
· Tuning IDS/IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.
· Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms.
· Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE-Linux policies, and performance tuning.
· Identifying and mitigating common pitfalls encountered when deploying IDS/IPS in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues.
· Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes.
· Staying current with Platform IDS/IPS Software releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement.
Basic Qualifications:
· Proven experience working with Snort, Suricata, Corelight or other network IDS/IPS systems, including hands-on management of its YAML configuration files.
· Strong knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules.
· Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SE-Linux configuration, and system optimization via Unix CLI and other remote shell access vectors (puTTY, SSH, etc.)
· Hands-on experience tuning Suricata for high-performance packet capture with Napatech NICs or similar advanced network interface cards.
· Familiarity with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities, and how to configure them for Suricata.
· Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment.
· TS/SCI clearance with the ability to obtain a counter-intelligence polygraph.
· Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree.
· DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification.
· Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date.
Additional Qualifications:
· Experience with scripting languages (Bash, Python, YAML/Ansible, etc.) to automate Suricata configuration and deployment tasks.
· Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation.
· Experience integrating Suricata with Splunk, or other SIEM solutions.
· Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments.
· Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra AI, Dark Trace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, Trend Vision, etc.
· Ability to be a self-starter, work without considerable direction, and work with a team.
· Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts
- ...Requisition ID: 2672 Standard Title: Senior Cyber Security Engineer Required Security Clearance: Top Secret/SCI Location: Bethesda, MD Work Type... ...Experience with middleware/web technologies, databases, TCP/IP networking, and CI/CD platforms. Familiarity...SuggestedHourly payContract workTemporary workImmediate startFlexible hoursShift work
- ...Cyber Security Engineer Hoplite Solutions is seeking multiple Cyber Security Engineers. This role is responsible for protecting the customer... ...(Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and Security Audits. Candidates...SuggestedTemporary workWork experience placement
- ...Cyber Security Engineer Company: Client of BizFirst Employment Type: Full-time Permanent W-2 Employee Work Type: Hybrid (2-3 days/week onsite... ...with security tools and technologies such as firewalls, IDS/IPS, SIEM, antivirus, and endpoint protection. Vulnerability Management...SuggestedPermanent employmentFull time2 days per week3 days per week
- ...Manufacturing Co is seeking a Firewall Engineer Level 3 in Suitland, MD to support a DoD... ...candidate will possess advanced knowledge in IPS/IDS and Firewall technologies. This role... ...includes responsibilities such as designing security policies, managing security appliances,...Suggested
- cFocus Software seeks a Cyber Security Engineer II to join our program supporting the National Institutes of Health (NIH). This position is fully... ...of network security technologies including firewalls, IDS/IPS, web application firewalls, secure gateways, and network segmentation...SuggestedRemote work
$145k - $165k
...Description Senior Cybersecurity Engineer Role Summary The Senior Cybersecurity... ...'s technology environment remains secure, compliant, and resilient against emerging... ...remediation actions. Utilize SIEM, EDR, and IDS/IPS platforms such as CrowdStrike and...Full timeLocal area- ...esteemed Randstad client in Washington, D.C. is seeking a Senior Cyber Security Engineer for a 12+ month contract role. This crucial position... ...Data Classification, Access Controls, Network Security (FW, IDS, IPS, etc.), and Web Application Firewall Security. Possession...Contract work
$145k - $210k
...Senior Cyber Security Engineer Cooley is seeking a Senior Cyber Security Engineer to join the Security team. Position summary: Cooley... ...gateways, firewalls, encryption systems, anti-malware systems, IDS/IPS Configure, maintain, and administer security products...Full timeTemporary workWork at officeFlexible hoursWeekend work- We are conducting a search for a Mid‑Level Application Engineer - Cyber Security Analytics Engineer. We are seeking an ideal candidate who can develop and manage software tools to support Enterprise Management. This role involves formulating and defining specifications...
- SourcePro Search is seeking a Mid-Level Application Engineer - Cyber Security Analytics Engineer in Washington, DC. The ideal candidate will develop and manage software tools to support Enterprise Management, focusing on software specifications, program design, and documentation...
$105.52k - $115k
...reputation for creating meaningful change in the world. Job Title Cyber Security Engineer III (Information Security Engineering) Summary The Cyber... ..., macOS), internet applications (email, web, DNS/DHCP, TCP/IP), desktop software, antivirus tools, encryption technologies...Full timeWork at officeLocal areaRemote workMonday to FridayNight shiftAfternoon shift- ...Cyber Security Threat Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across... ...Perform software testing (patches, other updates) Troubleshoot OSI layer and TCP/IP related problems....
$112k - $179k
Cyber Network Security Analyst job at Peraton. Arlington, VA. Program Overview About... ...data, signature-based IDS alert/event data, full packet... ...architectures (OSI-model, TCP/IP, major application protocols... ...knowledge of intrusion detection engines, capabilities, and signature...InternshipLocal area- ...Thriving" ($5MM–$50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)... ...~3+ years of experience as a lead Engineer ~ CISSP required ~5 years of experience... ...cyberattack. ~ Communicate the organization's security posture, risks, and incident status to...Contract work
- ...Senior Cyber Security Analyst The client is looking for a Senior Cyber... ...swings (second shift), and mids. The current position will... ...Utilize alerts from endpoints, IDS/IPS, netflow, and custom sensors... ...knowledge of architecture, engineering, and operations of at least...Work experience placementShift workDay shiftAfternoon shift
- ...Join the Nalley Consulting team as a Cyber Analyst. Position: Cyber Analyst LCAT: Mid Location: Joint Base Anacostia-Bolling Shift work: No Clearance requirement... ...interpret, forecast, and explain a range of national security issues and developments specific to the cyber domain....Temporary workFlexible hoursShift work
$154.05k - $278.48k
Leidos has an exciting opportunity for a Cyber Security Engineer—Technical Lead in our Intel Security Sector's Analysis Solutions Business Area... ...(Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web‑Proxy, Security tools, and Security Audits. Primary Responsibilities...Immediate startFlexible hours- ...design, development and programming, software engineering, systems development, testing,... ...information, brand and intellectual property (IP), networks, systems and applications. Principal... ...be exploited and introduce risk to the security of the client. Continually assesses and...
- ENS Solutions, LLC is seeking an experienced Suricata Engineer to join our cybersecurity team in Washington, D.C. The ideal candidate will... ...optimizing packet capture performance, and collaborating with security teams. Benefits include comprehensive health coverage, 401k...
$83k - $139k
GIS Engineer (Mid) page is loaded## GIS Engineer (Mid)locations: Bolling AFB, DC: Arlington, VA... ...on: Posted Todayjob requisition id: R23747Vantor is forging the new frontier... ...position requires an active U.S. Government security clearance, applicants who do not currently...- Nalley Consulting is seeking a Cyber Analyst at Joint Base Anacostia-Bolling. This mid-level position requires a TS/SCI clearance and involves conducting intelligence analysis on national security issues. Candidates should have at least 3 years of relevant experience in...
$62k - $141k
...Cybersecurity Analyst, Mid The Opportunity: Warnings about cyber threats are everywhere and the constantly... ...your knowledge as an Information Security Risk Specialist who knows how to... ...Cybersecurity, Information Systems, CS, or Engineering field Industry-recognized...Full timeContract workPart timeWork at officeLocal areaRemote work$62k - $141k
...Cybersecurity Analyst, Mid Warnings about cyber threats are everywhere and the constantly evolving... ...build your knowledge as an Information Security Risk Specialist who knows how to... ...Cybersecurity, Information Systems, CS, or Engineering field Industry-recognized...Local area- ...application scanning, phishing campaigns, cloud access security broker, and other cross functional security tools.... ...various information security technologies (i.e., IDS/IPS, HIPS, DLP, firewalls, network engineering, database, etc.). In-depth experience with cybersecurity...
- ...Cybersecurity Engineer (Zero Trust) Client: Federal Client Location: Washington DC Interview Type: Microsoft Teams Opportunity... ...support of NEA’s transition to Zero Trust and a Data Centric Security Architecture. The Cybersecurity Engineer shall support the...Contract workH1bWork at officeImmediate start
- ...Overview Role Summary: The Cyber Security Engineer is responsible for developing and implementing security measures to protect the company's systems and data. Responsibilities Develop and implement security measures. Conduct security assessments and audits...
$86.8k - $135.63k
...Responsibilities * This is for a potential upcoming opportunity. Position Overview The Cyber Security Engineer (CSE3) provides cybersecurity engineering and Risk Management Framework (RMF) support to the PMS 339 Surface Training Systems Program Office . This...Full timeContract workPart timeInterim roleWork at officeLocal areaRemote work- ...Position: Cyber Security Engineer Location: Arlington, VA Role: Deliver security architecture expertise, and best practices oversight. Responsible for designing, architecting, and supporting the administration and management of the IT/OT Security infrastructure...
- ...Cyber Security Requires US Citizenship Employment Term and Type: Regular, Full Time Required Security Clearance: TS/SCI Required Education... ...to include Secure Information Systems, Security and Engineering and Intelligence Analysis. Our turnkey solutions include design...Full timeFor contractorsCasual workWork at officeRemote workWorldwide
- Job Posting This contractor and subcontractor shall abide by the requirements of 41 CFR 60–1.4(a), 60–300.5(a) and 60–741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities...For contractorsFor subcontractor
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to IDS/IPS Cyber Security Engineer, Mid. Be the first to apply!
- cyber security engineer Washington DC
- cyber Washington DC
- cyber threat intelligence analyst Washington DC
- cyber security sales Washington DC
- cyber security lead Washington DC
- cyber security part time Washington DC
- work from home cyber security Washington DC
- IT cyber security Washington DC
- cyber security technician Washington DC
- cyber security architect Washington DC

