Suricata Cyber Security Engineer

Ennoble First

Reston, VA

JOB DETAILS
SKILLS
Bash Scripting, Best Practices, CCNA - Cisco Certified Network Associate, CentOS, Communication Skills, CompTIA Security+, Computer Network Defense (CND), Configuration Management, Counterintelligence Polygraph, Defense Intelligence, Device Drivers, DoD Directive 8140, DoD Directive 8570, Docker, GSEC - GIAC Security Essentials Certification, Government, IAT - Information Assurance Technical, Identify Issues, Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Kernel Programming, Legal, Linux Administration, Linux Kernel Drivers, Linux Operating System, National Intelligence Council (NIC), Network Protocols, Open Source, Operational Support, Operations Processes, Oracle, Organizational Skills, Performance Tuning/Optimization, Presentation/Verbal Skills, Python Programming/Scripting Language, RSS (RDF Site Summary), Red Hat Linux Operating System, SSCP - Systems Security Certified Practitioner, Scripting (Scripting Languages), Security Information and Event Management (SIEM), Security-Enhanced Linux (SELinux), Sensitive Compartmented Information (SCI), Splunk, Team Player, Technical Support, Technical Writing, Top Secret Clearance, Writing Skills
LOCATION
Reston, VA
POSTED
8 days ago
Location: Reston, VA or Washington, DC
Required Clearance: TS/SCI with the ability to obtain a CI Polygraph
Employment Type: Full-Time Regular
Travel: Minimal
Remote: No Remote
Company Overview
We are Ennoble First. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that's important. Ennoble First is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can't turn into an opportunity.
Position Description
We are seeking an experienced Suricata Cyber Security Engineer to support enterprise cybersecurity operations within a complex mission environment. This role focuses on the deployment, integration, tuning, and sustainment of Suricata IDS/IPS solutions operating within Red Hat Enterprise Linux environments. The ideal candidate will bring strong experience with Suricata configuration management, enterprise Linux administration, and high-performance packet capture technologies including Napatech network interface cards (NICs).
This position plays a critical role in securing and protecting mission systems through advanced intrusion detection, performance optimization, and enterprise cybersecurity engineering support.
Primary Responsibilities
• Design, deploy, and maintain Suricata IDS/IPS systems across enterprise networks.
• Develop, review, and optimize Suricata YAML configuration files to ensure strong detection capability and minimal false positives.
• Manage and tune the interaction between Suricata configuration, rule loading, protocol decoding, logging, and runtime engine performance.
• Tune Suricata for high-performance packet capture and processing with Napatech NICs, including DMA, RSS queues, interrupt coalescing, and hardware acceleration features.
• Troubleshoot Suricata deployments within Red Hat Enterprise Linux (RHEL) environments, including kernel modules, SELinux policies, package dependencies, and system optimization.
• Collaborate with cybersecurity and operations teams to integrate Suricata with SIEM and enterprise monitoring platforms.
• Identify and mitigate operational challenges in large-scale enterprise deployments, including resource constraints, packet loss, and NIC driver configuration issues.
• Develop automation scripts using Bash or Python to support deployment, tuning, and operational maintenance activities.
• Create and maintain technical documentation, deployment procedures, and operational runbooks.
• Stay current with Suricata releases, enterprise Linux updates, Napatech driver enhancements, and IDS/IPS performance best practices.
Required Qualifications
• Experience supporting and administering Suricata IDS/IPS systems in enterprise environments.
• Strong understanding of Suricata YAML configuration structure, syntax, detection rules, logging, and output modules.
• Experience administering Red Hat Enterprise Linux (RHEL), including yum/dnf package management, kernel module management, SELinux configuration, and system performance tuning.
• Hands-on experience tuning Suricata with Napatech NICs or comparable high-performance network interface cards.
• Familiarity with advanced NIC technologies such as DMA, RSS, interrupt moderation, and offload capabilities.
• Experience troubleshooting Suricata interaction with NIC drivers and Linux kernel modules.
• Experience with scripting and automation using Bash and/or Python.
• Strong understanding of network protocols, intrusion detection methodologies, and enterprise cybersecurity operations.
• Bachelor's degree and 3+ years of experience supporting IT projects and activities. Additional years of experience may be considered in lieu of degree requirements.
• Active DoD 8570 IAT Level II certification such as Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND.
• Ability to obtain a DoD 8570 Cybersecurity Service Provider Infrastructure Support certification within 30 days of start date.
• Active TS/SCI clearance with the ability to obtain a Counterintelligence Polygraph.
Preferred Qualifications
• Experience integrating Suricata with Splunk or other SIEM platforms.
• Familiarity with containerized Suricata deployments using Docker or Kubernetes.
• Experience supporting enterprise Linux environments including RHEL, Oracle Linux, and CentOS.
• Familiarity with other commercial or open-source IDS/IPS technologies.
• Ability to work independently in fast-paced mission environments while collaborating effectively across technical teams.
• Strong verbal and written communication skills with the ability to coordinate directly with customers and stakeholders.
Pay Range
$120,000 - $185,000
The Ennoble First pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
EEO Statement
Ennoble First is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
E-Verify Participation
Ennoble First participates in E-Verify.
Learn more at www.dhs.gov/E-Verify.
E-Verify is a registered trademark of the U.S. Department of Homeland Security.


      About the Company

      Ennoble First

      with Ennoble First to boost your career. Ennoble First is a high-energy, technology-driven employer with people-centered values fostering continuous learning. We are a rapidly growing company. To support our expansion plans and achieve our growth objectives, we are always seeking talented IT professionals. We believe an outstanding company to work for is an exceptional company to work with. By combining a great environment with great minds, we produce great results. Ennoble First promotes an all-inclusive, innovation-friendly environment.

      COMPANY SIZE
      100 to 499 employees
      INDUSTRY
      Internet Services
      FOUNDED
      2014