About
Ennoble First is seeking an Intrusion Detection System/Intrusion Prevention System (IDS/IPS) Cyber Security Engineer to support the deployment, operation, and sustainment of enterprise intrusion detection and intrusion prevention capabilities. This role focuses on implementing and maintaining IDS/IPS platforms to provide real-time threat detection, network visibility, and active protection across complex Government environments. The IDS/IPS Cyber Security Engineer works closely with network engineering, cybersecurity operations, and detection engineering teams to ensure intrusion detection and prevention controls are properly tuned, integrated, and aligned with mission and Zero Trust monitoring requirements. Primary Responsibilities
Deploy, configure, operate, and sustain IDS/IPS platforms in enterprise Government environments Implement and tune detection and prevention signatures, rules, and policies to reduce false positives and improve detection fidelity Monitor IDS/IPS alerts, events, and system health to support timely threat detection and response Integrate IDS/IPS platforms with SIEM, SOAR, NDR, and other security analysis tools Perform upgrades, patching, configuration changes, and lifecycle maintenance activities Troubleshoot detection failures, performance issues, and integration challenges Support SOC and cyber operations teams with alert analysis, packet review, and investigative support Coordinate with network engineers to ensure proper sensor placement, TAP/SPAN configuration, and traffic visibility Develop and maintain technical documentation, runbooks, and operational procedures Support Zero Trust initiatives through continuous monitoring and network-based threat detection Required Qualifications
5+ years of experience supporting cybersecurity engineering, network security, or security operations 3+ years of experience deploying or administering IDS/IPS platforms 2+ years of experience deploying, hosting, monitoring, and securing solutions for Government customers Strong understanding of network protocols, traffic analysis, and intrusion detection methodologies Experience tuning detection signatures and rules to improve signal-to-noise ratios Experience administering Linux-based or appliance-based security platforms Active TS/SCI clearance with polygraph eligibility Education
Associate's degree and 5+ years of experience supporting IT projects and activities, or Bachelor's degree and 3+ years of experience supporting IT projects and activities, or Master's degree and 1+ year of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree. Certifications
DoD 8570.01-M Information Assurance Technician (IAT) Level II certification (e.g., Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND) Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support certification (e.g., CEH, CHFI, CFR, Cloud+, or CND) within 30 days of start date. Preferred Qualifications
Hands-on experience with IDS/IPS technologies such as Snort, Suricata, Zeek, Palo Alto, or similar platforms Experience supporting SOC, IR, or cyber mission operations Experience supporting DoD or Intelligence Community environments Familiarity with NDR platforms and packet-level analysis tools Security certifications such as GCIA, GCIH, GNFA, CISSP, or similar Compensation
Salary range: $120,000 - $150,000 The Ennoble First pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered include responsibilities of the role, education, experience, knowledge, skills, internal equity, alignment with market data, and applicable laws. Equal Employment Opportunity
Ennoble First is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to any characteristic protected by law. E-Verify Participation
Ennoble First participates in E-Verify. Learn more at www.dhs.gov/E-Verify. E-Verify is a registered trademark of the U.S. Department of Homeland Security.
Languages
- English
Notice for Users
This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.