Key skills
AnsibleCloudCyber SecurityLinuxPythonTerraformTypeScriptBashPowerShellAnalyticsNetwork SecurityZero Trust
About this role
Role Overview
- Architect, deploy, integrate, and operate Endace packet capture, monitoring, and network recording platforms across a large, distributed enterprise
- Lead the design, deployment, and configuration of Endace appliances for enterprise-scale packet capture
- Develop packet capture strategies aligned to network architecture, mission requirements, and Zero Trust visibility controls
- Build high-availability, scalable, and resilient Endace clusters across data centers and cloud-connected environments
- Integrate Endace with analytics ecosystems
- Maintain and tune Endace hardware and software for optimal performance, including upgrades, patching, sensor tuning, and storage lifecycle
- Troubleshoot packet loss, timing drift, flow indexing issues, clock synchronization, and performance bottlenecks
- Monitor device health, capacity, and telemetry fidelity to ensure consistent and forensically sound data capture
- Manage PCAP retention strategies, indexing policies, and storage allocation across distributed deployments
- Ensure packet capture and telemetry support identity-aware network segmentation and policy enforcement
- Support the development of traffic baselines, segmentation decisions, and enforcement models using Endace data
- Automate deployment, configuration, and sustainment workflows using Ansible, Terraform, or scripting
- Build dashboards, runbooks, playbooks, and investigation workflows for SOC, threat hunters, and IR teams
- Partner with network engineering, cloud teams, and security operations to ensure full-spectrum telemetry coverage
- Deliver training and guidance to operational teams on Endace platform usage and best practices
Requirements
- 5+ years of experience in cybersecurity engineering, Linux system administration, network security, or SOC tooling
- Experience supporting regulated or high-security environments
- Experience with PowerShell, Bash, Python, or Ansible
- Experience integrating packet capture tools with SIEMs, SOAR tools, and investigation platforms
- Knowledge of core network protocols
- Active TS/SCI clearance; willingness to take a polygraph exam
- Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience supporting IT projects and activities, Master’s degree and 1+ year of experience supporting IT projects and activities, or 7+ years of experience supporting IT projects and activities in lieu of degree
- DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification
- Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider
- Infrastructure Support Certification, including CEH, CHFI, CFR, Cloud+, or CND certification within 30 days of start date
Tech Stack
- Ansible
- Cloud
- Cyber Security
- Linux
- Python
- Terraform
- TypeScript
Benefits
- Health, life, disability, financial, and retirement benefits
- Paid leave
- Professional development
- Tuition assistance
- Work-life programs
- Dependent care
- Recognition awards program