Salary
💰 $77,600 - $176,000 per year
Tech Stack
Cloud, Cyber Security, Docker, Kubernetes, Linux, Oracle, Python, Splunk, TypeScript
About the role
- Designing, deploying, and maintaining Suricata IDS / IPS systems across enterprise networks
- Developing, reviewing, and optimizing Suricata YAML configuration files to ensure optimal detection capabilities and minimal false positives
- Understanding and managing the interaction between Suricata’s YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging
- Tuning Suricata for optimal performance with Napatech NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features
- Collaborating with security teams to integrate Suricata with SIEM and other security monitoring platforms
- Troubleshooting installation and operational issues specific to Suricata on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SELinux policies, and performance tuning
- Identifying and mitigating common pitfalls encountered when deploying Suricata in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver or configuration issues
- Providing detailed documentation and runbooks for Suricata configuration, NIC tuning, and deployment processes
- Staying current with Suricata releases, NIC driver updates, and community best practices for network interface tuning and IDS / IPS performance enhancement
Requirements
- Experience working with Suricata IDS / IPS systems, including hands-on management of its YAML configuration files
- Experience administering Red Hat Enterprise Linux (RHEL) systems, including package management, kernel module management, SELinux configuration, and system optimization
- Experience tuning Suricata for high-performance packet capture with advanced network interface cards, such as Napatech NICs, and with NIC-specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and offload capabilities
- Experience troubleshooting Suricata’s interaction with NIC drivers and kernel modules in an enterprise environment
- Experience with scripting languages, including Bash or Python, to automate Suricata configuration and deployment tasks
- Knowledge of the Suricata configuration structure, syntax, and how it controls detection rules, logging, and output modules
- Active TS/SCI clearance; willingness to take a polygraph exam
- Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience supporting IT projects and activities, or Master’s degree and 1+ years of experience supporting IT projects, or 7+ years of experience supporting IT projects and activities in lieu of a degree
- DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification
- Ability to obtain a DoD 8570 Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 30 days of start date