IDS/IPS Cyber Security Engineer (Forescout) - TS/SCI CI Poly
Related skills
docker kubernetes rhel yaml snort
📋 Description
- Designing, deploying, and maintaining IDS/IPS across a large enterprise.
- Developing and optimizing YAML config files for detection and fewer false positives.
- Managing YAML runtime interactions: rule loading, protocol decoding, logging.
- Tuning IDS/IPS with NICs: DMA, RSS, interrupt coalescing, acceleration.
- Collaborating with security teams to integrate IDS/IPS with SIEM.
- Troubleshooting IDS/IPS on RHEL: kernel modules, SELinux, and performance tuning.
🎯 Requirements
- Experience with Snort, Suricata, Corelight, or other IDS/IPS and YAML config.
- Strong knowledge of detection rules, logging, and outputs.
- Extensive experience administering RHEL.
- Hands-on tuning of Suricata for high performance with NICs.
- Familiar with NIC features: DMA, RSS, interrupt coalescing.
- TS/SCI clearance with CI poly; DoD 8570 IAT II cert or able to obtain.
🎁 Benefits
- Remote workforce (US-based); some on-site for Federal positions.
- Medical insurance: Zero‑Deductible PPO or HDHP with HSA.
- Dental insurance: 100% for employees; partial for family.
- 12 corporate holidays and Flexible Time Off.
- Healthy mobile phone and home internet allowance.