Architect, deploy, integrate, and operate Endace packet capture, monitoring, and network recording platforms across a large, distributed enterprise
Lead the design, deployment, and configuration of Endace appliances for enterprise-scale packet capture
Develop packet capture strategies aligned to network architecture, mission requirements, and Zero Trust visibility controls
Build high-availability, scalable, and resilient Endace clusters across data centers and cloud-connected environments
Integrate Endace with analytics ecosystems
Maintain and tune Endace hardware and software for optimal performance, including upgrades, patching, sensor tuning, and storage lifecycle
Troubleshoot packet loss, timing drift, flow indexing issues, clock synchronization, and performance bottlenecks
Monitor device health, capacity, and telemetry fidelity to ensure consistent and forensically sound data capture
Manage PCAP retention strategies, indexing policies, and storage allocation across distributed deployments
Ensure packet capture and telemetry support identity-aware network segmentation and policy enforcement
Support the development of traffic baselines, segmentation decisions, and enforcement models using Endace data
Automate deployment, configuration, and sustainment workflows using Ansible, Terraform, or scripting
Build dashboards, runbooks, playbooks, and investigation workflows for SOC, threat hunters, and IR teams
Partner with network engineering, cloud teams, and security operations to ensure full-spectrum telemetry coverage
Deliver training and guidance to operational teams on Endace platform usage and best practices

Requirements

5+ years of experience in cybersecurity engineering, Linux system administration, network security, or SOC tooling
Experience supporting regulated or high-security environments
Experience with PowerShell, Bash, Python, or Ansible
Experience integrating packet capture tools with SIEMs, SOAR tools, and investigation platforms
Knowledge of core network protocols
Active TS/SCI clearance; willingness to take a polygraph exam
Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience supporting IT projects and activities, Master’s degree and 1+ year of experience supporting IT projects and activities, or 7+ years of experience supporting IT projects and activities in lieu of degree
DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification
Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CHFI, CFR, Cloud+, or CND certification within 30 days of start date

Benefits

Health, life, disability, financial, and retirement benefits
Paid leave
Professional development
Tuition assistance
Work-life programs
Dependent care
Recognition awards program

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

packet capturenetwork recordingEndace appliancesZero Trust visibilityAnsibleTerraformPowerShellBashPythonSIEM integration

Soft Skills

leadershipcommunicationtrainingcollaborationtroubleshootingproblem-solvingorganizational skillsguidance

Certifications

TS/SCI clearanceDoD 8570.01-M IAT Level IISecurity+ CECCNA-SecurityGSECSSCPCySA+GICSPCND CertificationCEH