
Cyber Security Architect/Engineer (IDS/IPS Cyber Security Engine

Telos Corporation

Posted today
Top Secret/SCI
Unspecified
Polygraph
IT - Security
Reston, VA (On-Site/Office)

The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security.

Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment!

We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise, with experience managing YAML configuration files and an understanding of how these configurations integrate with and influence Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). Highly qualified candidates will have hands-on engineering and O&M experience with Suricata and/or other network-based IDS capabilities such as Snort, Vectra AI, Corelight, etc. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.

This position will be based in Reston, VA.

What You'll Work On:
• Designing, deploying, and maintaining IDS/IPS systems across a large enterprise with multiple networks.
• Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives.
• Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.
• Tuning IDS/IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.
• Collaborating with security teams to integrate IDS/IPS with SIEM and other security monitoring platforms.
• Troubleshooting installation and operational issues specific to IDS/IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SELinux policies, and performance tuning.
• Identifying and mitigating common pitfalls encountered when deploying IDS/IPS in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues.
• Providing detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes.
• Staying current with Platform IDS/IPS Software releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement.

Job Requirements

Qualifications:

• Proven experience working with Snort, Suricata, Corelight or other network IDS/IPS systems, including hands-on management of its YAML configuration files.
• Strong knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules.
• Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SELinux configuration, and system optimization via Unix CLI and other remote shell access vectors (PuTTY, SSH, etc.).
• Hands-on experience tuning Suricata for high-performance packet capture with Napatech NICs or similar advanced network interface cards.
• Familiarity with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities, and how to configure them for Suricata.
• Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment.
• TS/SCI clearance with the ability to obtain a counter-intelligence polygraph.
• Bachelor's degree and 5+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree.
• DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification.
• Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date.
• Experience with scripting languages (Bash, Python, YAML/Ansible, etc.) to automate Suricata configuration and deployment tasks.
• Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation.
• Experience integrating Suricata with Splunk, or other SIEM solutions.
• Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments.
• Network Detection and Response (NDR) solutions, including Trellix/FireEye, Corelight, Endace, Vectra AI, Darktrace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, Trend Vision, etc.
• Ability to be a self-starter, work without considerable direction, and work with a team.
• Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts.

The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship.

Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment.

Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. Telos offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future.

Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos Corporation will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities unless the accommodation would impose an undue hardship on the operation of our business. If you are interested in applying for an employment opportunity and feel you need a reasonable accommodation pursuant to the ADA, please contact us at 1-800-283-1911. If you require relay service assistance, please click on the following link to review information on your state's relay service: https://www.fcc.gov/accessibility.

Telos Corporation is an EEO/AA employer.

Job Type

Full-Time

Location

Reston, VA 20191 US (Primary)

Telos offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future. Telos and its subsidiaries are an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
About Us
Telos Corporation empowers and protects the world’s most security-conscious organizations with solutions for continuous security assurance of individuals, systems, and information. Telos’ offerings include cybersecurity solutions for IT risk management and information security; cloud security solutions to protect cloud-based assets and enable continuous compliance with industry and government security standards; and enterprise security solutions to ensure that personnel can work and collaborate securely and productively. The company serves military, intelligence and civilian agencies of the federal government, allied nations and commercial organizations around the world.
