IDS/IPS Security Engineer

Morrisville, North Carolina, United States

Full Time
phia LLC

Posted 1 week ago

OVERVIEW:

phia LLC is seeking an IDS/IPS Security Engineer knowledgeable in Cisco Firepower platforms, next-generation firewalls, and intrusion detection and protection systems to join our team of qualified, diverse individuals. This support contract provides a broad range of cyber services to all components under the CISO, including the cyber operations, cyber risk, security engineering and digital integration departments. The client’s enterprise consists of over 600,000 employees, 500,000 devices, 200,000 enterprise email accounts, 200,000 endpoints, 800 firewall sets, and 640+ URLs, of which 350 require web application firewall protection. This position's primary location is Morrisville, NC, with full remote work during the pandemic.

DUTIES:

Responsibilities:

  • Operate, maintain, and deploy IDS and IPS devices.
  • Maintain the intrusion ruleset, optimize detection, configure NGFW ACLs, perform general device configuration and maintenance, and troubleshoot the devices when needed.
  • Provide operational requirements and recommendations to the Security Architects for service enhancements and system improvements.
  • On-call availability for network impacting or network outage situations outside of business hours.
  • Effectively work within a Security team, and support and collaborate with other teams.
  • Conduct intrusion event analysis and support the security operations center (SOC) incident response and threat detection teams.
  • Develop documentation, e.g. standard operating procedures (SOPs), and support audit events.
  • Develop reports on systems status and performance.

Requirements

REQUIRED SKILLS AND QUALIFICATIONS:

  • Bachelor’s Degree with a major in Information Technology, Computer Science/Computer Engineering, Engineering, Science or a related field
  • U.S. Citizen
  • CISCO Firepower Threat Defense IDS/IPS, FMC
  • Prior job experience maintaining and troubleshooting IDS/IPS devices
  • Experience with Splunk and other SIEM tools
  • Proficiency with packet analysis/Wireshark
  • Networking – routing and switching, TCP/IP stack, IP subnets, VPN
  • Scripting – Python, Perl, JavaScript
  • Experience with threat analysis, triage, and mitigation
  • Experience with Linux
  • Experience with packet analysis
  • Knowledge of databases
  • Knowledge of networking and network protocols
  • Certification in one or more of the following: Security+ or CISSP

PREFERRED SKILLS AND QUALIFICATIONS:

  • Networking+, CEH, GCIH, CCNA Route Switch or CCNA Security, CCNP Route Switch or CCNP Security, CCIE Route Switch or CCIE Security
  • Experience with threat analysis, triage, and mitigation
  • Tipping Point IDS, ATD, DDI, DDD, SPS, SMS
  • Understanding of NGFW ACLs
  • Experience writing Snort rules
  • Proficiency with Wireshark
  • Experience with Splunk
  • Ability to write clear procedural and technical documentation
  • Knowledge of external authentication and user management
  • Experience troubleshooting network problems at layers 1, 2, and 3

WORK SCHEDULE: Core Business Hours (8am-5pm; start/end time flexible)

TRAVEL: <5%

TELEWORK ELIGIBILITY: Primary location is Morrisville, NC with full remote work during the pandemic.

SECURITY REQUIREMENT: Eligible for Public Trust/Sensitive (up to Top Secret)

Benefits

COMPANY OVERVIEW:

phia, LLC is a Northern Virginia based, 8a certified small business that was established in 2011. We focus on the full spectrum of disciplines within the cyber, intelligence, and technology arenas.

We support mission-critical teams within various agencies and offices within the Federal government, including Civilian, Defense, Law Enforcement and Intel. We like to describe phia as truly by technical people and for technical people. phia’s founders wanted to create an employee-centered culture, where we care about the people as much as the mission.

Our goal is to continue to hire talented and passionate team members, who desire to grow their skillsets as well as the reputation of the company with our partners, clients and stakeholders. With this goal in mind, we invite you to apply for positions, even if you don't meet the desired years of experience listed in our position descriptions. We are more interested in intellectually curious individuals with the ability to work autonomously and with teams. If your experience does not match our exact requirements of a position but you are otherwise an awesome candidate, we will work hard to find a position that suits you.

Our company culture is unique; we consider everyone on the team a part of the phia phamily. We make great efforts to foster cohesiveness through one-on-one interactions, professional mentoring, and group outings. In short, our leadership team is personally invested in each employee. phia offers a rewarding environment with talented & passionate people.

We offer excellent benefits for full-time W2 candidates to enhance work-life balance, including the following:

  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short Term & Long-Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Paid Holidays
  • Paid Time Off (PTO)
  • Tuition and Professional Development Assistance
  • Flex Spending Accounts (FSA)
  • Parking Reimbursement
  • Monthly Payroll