Ennoble First
Location: College Park, MD; Washington, DC; Reston, VA
Required Clearance: Active TS/SCI with polygraph eligibility
Employment Type: Full-Time Regular
Shift: Day
Travel: No
Relocation Assistance: Yes
Company Overview
We are Ennoble First. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that's important. Ennoble First is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver.
Job Description
Ennoble First is seeking an Intrusion Detection System/Intrusion Prevention System (IDS/IPS) Cyber Security Engineer to support the deployment, operation, and sustainment of enterprise intrusion detection and intrusion prevention capabilities. This role focuses on implementing and maintaining IDS/IPS platforms to provide real-time threat detection, network visibility, and active protection across complex Government environments.
The IDS/IPS Cyber Security Engineer works closely with network engineering, cybersecurity operations, and detection engineering teams to ensure intrusion detection and prevention controls are properly tuned, integrated, and aligned with mission and Zero Trust monitoring requirements.
Primary Responsibilities
Deploy, configure, operate, and sustain IDS/IPS platforms in enterprise Government environments
Implement and tune detection and prevention signatures, rules, and policies to reduce false positives and improve detection fidelity
Monitor IDS/IPS alerts, events, and system health to support timely threat detection and response
Integrate IDS/IPS platforms with SIEM, SOAR, NDR, and other security analysis tools
Perform upgrades, patching, configuration changes, and lifecycle maintenance activities
Troubleshoot detection failures, performance issues, and integration challenges
Support SOC and cyber operations teams with alert analysis, packet review, and investigative support
Coordinate with network engineers to ensure proper sensor placement, TAP/SPAN configuration, and traffic visibility
Develop and maintain technical documentation, runbooks, and operational procedures
Support Zero Trust initiatives through continuous monitoring and network-based threat detection
Required Qualifications
5+ years of experience supporting cybersecurity engineering, network security, or security operations
3+ years of experience deploying or administering IDS/IPS platforms
2+ years of experience deploying, hosting, monitoring, and securing solutions for Government customers
Strong understanding of network protocols, traffic analysis, and intrusion detection methodologies
Experience tuning detection signatures and rules to improve signal-to-noise ratios
Experience administering Linux-based or appliance-based security platforms
Active TS/SCI clearance with polygraph eligibility
Education
Associate's degree and 5+ years of experience supporting IT projects and activities, or
Bachelor's degree and 3+ years of experience supporting IT projects and activities, or
Master's degree and 1+ year of experience supporting IT projects and activities
Years of experience may be accepted in lieu of degree.
Certifications
DoD 8570.01-M Information Assurance Technician (IAT) Level II certification (e.g., Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND)
Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider – Infrastructure Support certification (e.g., CEH, CHFI, CFR, Cloud+, or CND) within 30 days of start date.
Preferred Qualifications
Hands‑on experience with IDS/IPS technologies such as Snort, Suricata, Zeek, Palo Alto, or similar platforms
Experience supporting SOC, IR, or cyber mission operations
Experience supporting DoD or Intelligence Community environments
Familiarity with NDR platforms and packet‑level analysis tools
Security certifications such as GCIA, GCIH, GNFA, CISSP, or similar
Compensation
Salary range: $120,000 – $150,000
The Ennoble First pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered include responsibilities of the role, education, experience, knowledge, skills, internal equity, alignment with market data, and applicable laws.
Equal Employment Opportunity
Ennoble First is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to any characteristic protected by law.
E-Verify Participation
Ennoble First participates in E-Verify. Learn more at www.dhs.gov/E-Verify.
E-Verify is a registered trademark of the U.S. Department of Homeland Security.