Government Careers
  • Suricata Engineer - Active TS/SCI with CI Poly

  • ENS Solutions, LLC
  • Norfolk, Virginia 23501 United States View Map

Suricata Engineer

We are seeking an experienced Suricata Engineer to join our cybersecurity team. The ideal candidate will possess deep technical expertise in Suricata, particularly in understanding and managing its YAML configuration files, and how these configurations integrate and influence the Suricata Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). You will play a critical role in deploying, tuning, and maintaining Suricata within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.

A key focus of this role will be tuning Suricata to operate optimally with Napatech network interface cards (NICs), ensuring high-performance packet capture and processing while minimizing packet loss and system resource overhead.

What You'll Work On:

  • Designing, deploying, and maintaining Suricata IDS/IPS systems across enterprise networks.
  • Developing, reviewing, and optimizing Suricata YAML configuration files to ensure optimal detection capabilities and minimal false positives.
  • Understanding and managing the interaction between Suricata's YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.
  • Tuning Suricata for optimal performance with Napatech NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.
  • Collaborating with security teams to integrate Suricata with SIEM and other security monitoring platforms.
  • Troubleshooting installation and operational issues specific to Suricata on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SELinux policies, and performance tuning.
  • Identifying and mitigating common pitfalls encountered when deploying Suricata in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues.
  • Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes.
  • Staying current with Suricata releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement.

Suricata Engineer

We are seeking an experienced Suricata Engineer to join our cybersecurity team. The ideal candidate will possess deep technical expertise in Suricata, particularly in understanding and managing its YAML configuration files, and how these configurations integrate and influence the Suricata Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS). You will play a critical role in deploying, tuning, and maintaining Suricata within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux.

A key focus of this role will be tuning Suricata to operate optimally with Napatech network interface cards (NICs), ensuring high-performance packet capture and processing while minimizing packet loss and system resource overhead.

What You'll Work On:

  • Designing, deploying, and maintaining Suricata IDS/IPS systems across enterprise networks.
  • Developing, reviewing, and optimizing Suricata YAML configuration files to ensure optimal detection capabilities and minimal false positives.
  • Understanding and managing the interaction between Suricata's YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging.
  • Tuning Suricata for optimal performance with Napatech NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC-specific acceleration features.
  • Collaborating with security teams to integrate Suricata with SIEM and other security monitoring platforms.
  • Troubleshooting installation and operational issues specific to Suricata on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SELinux policies, and performance tuning.
  • Identifying and mitigating common pitfalls encountered when deploying Suricata in large-scale enterprise environments, including package dependencies, system resource constraints, and NIC driver/configuration issues.
  • Provide detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes.
  • Staying current with Suricata releases, NIC driver updates, and community best practices for network interface tuning and IDS/IPS performance enhancement.
Government Careers

Government Careers

Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.

Show more

MORE JOBS