cFocus Software Incorporated
Security Engineer IV - Packet Capture - HHS STIM
cFocus Software Incorporated, Washington, District of Columbia, us, 20022
Security Engineer IV - Packet Capture
Job Description: Security Engineer IV (Packet Capture)

Key Responsibilities
- Set up, configure, and maintain Packet Capture (PCAP) infrastructure across cloud, on-premises, and hybrid environments.
- Analyze network traffic and packet captures to detect anomalies, performance issues, and potential security threats (e.g., malware, DDoS, intrusion attempts).
- Collaborate with SOC teams to support incident response efforts with deep packet inspection and threat prevention strategies.
- Integrate packet capture tools with SIEM platforms and other log sources to enable advanced event correlation.
- Develop and utilize APIs for integrating, visualizing, filtering, and automating workflows within packet capture environments.
- Deliver and support critical production applications, ensuring high availability and scalability of PCAP tools.
- Provide technical advisory for network security architecture and align packet capture solutions with organizational security strategies.
- Participate in cross-functional threat detection and incident response activities.
- Maintain detailed documentation of system configurations, processes, and service records.
- Mentor junior engineers and provide subject matter expertise on packet capture technologies.
- Participate in a 24/7/365 on-call rotation, ensuring operational readiness and support.

Required Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field (or an equivalent combination of education and experience).
- 10+ years of experience in Information Security, with a strong background in packet capture and network traffic analysis.
- Hands-on experience with enterprise packet capture tools (e.g., NetWitness) and related technologies.
- Proficiency in analyzing and troubleshooting LAN/WAN performance and network connectivity issues.
- Knowledge of log formats (e.g., syslog, HTTP, database logs) and integration techniques.
- Experience in developing and leveraging APIs for automation and visualization.
- Familiarity with SIEM integration (e.g., Splunk, Cribl).
- Strong problem-solving and analytical skills with the ability to work independently or in teams.
- Excellent oral and written communication skills, including the ability to explain technical concepts to non-technical stakeholders.
- Experience with federal security frameworks, including NIST SP 800-53 Rev. 5, DISA STIGs, and CIS Controls.
- Ability to obtain and maintain required security clearances.

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Wireless Services, Telecommunications, and Communications Equipment Manufacturing