TS/SCI w/ Poly IDS/IPS Engineer

Post Date

May 26, 2026

Location

Washington, District Of Columbia

ZIP/Postal Code

20032
US
Jul 25, 2026 Insight Global

Job Type

Perm

Category

Network Engineer

Req #

DGW-383f17b0-cbd5-4368-9ae2-bd9fd193a147

Pay Rate

$128k - $160k (estimate)

Job Description

We are seeking an experienced Suricata Engineer to join our cybersecurity team. The ideal candidate will possess deep technical expertise in Suricata, particularly in understanding and managing its YAML configuration files, and how these configurations integrate and influence the Suricata Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). You will play a critical role in deploying, tuning, and maintaining Suricata within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.
A key focus of this role will be tuning Suricata to operate optimally with Napatech network interface cards (NICs), ensuring high-performance packet capture and processing while minimizing packet loss and system resource overhead.

What You’ll Work On:
• Designing, deploying, and maintaining Suricata IDS/IPS systems across enterprise networks.
• Developing, reviewing, and optimizing Suricata YAML configuration files to ensure optimal detection capabilities and minimal false positives.
• Understanding and managing the interaction between Suricata’s YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.
• Tuning Suricata for optimal performance with Napatech NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.
• Collaborating with security teams to integrate Suricata with SIEM and other security monitoring platforms.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Required Skills & Experience

• TS/SCI clearance with a counter-intelligence polygraph.
• DoD 8570 IAT Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification.
• Ability to obtain a DoD 8570 Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 30 days of start date.
• Proven experience working with Suricata IDS/IPS systems, including hands-on management of its YAML configuration files.
• Strong knowledge of the Suricata configuration structure, syntax, and how it controls detection rules, logging, and output modules.
• Extensive experience administering Red Hat Enterprise Linux (RHEL) systems, including package management (yum/dnf), kernel module management, SELinux configuration, and system optimization.

Nice to Have Skills & Experience

• Proficient understanding of network protocols, intrusion detection methodologies, and security event correlation.
• Experience integrating Suricata with Splunk or other SIEM solutions.
• Knowledge of containerized deployments of Suricata (Docker/Kubernetes) in enterprise environments.
• Familiarity with common Linux operating systems, including RHEL, Oracle, and CentOS.

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.