Job Description
Arkime Engineer
Location: US
Job ID: ATR 17783
Job Title: Arkime Engineer
Location: Washington D.C.
Eligibility: Candidate must possess an active TS/SCI with CI Polygraph
clearance
Job Description:
We are seeking a highly skilled Arkime (formerly Moloch) Implementation
& Sustainment Engineer to design, deploy, operate, and enhance our
enterprise packet-capture and deep network visibility capability. The
ideal candidate combines hands-on Arkime expertise with strong Zero
Trust engineering principles to support threat detection, forensics,
segmentation, and continuous monitoring across a complex, distributed
environment. You will directly improve the organization’s ability to
detect threats early, respond faster, and understand network behavior at
scale—ensuring that identity-driven, least-privilege policies are backed
by deep telemetry and forensic depth.
This role will drive full lifecycle engineering—from architecture and
deployment to tuning, integrations, sustainment, and long-term
optimization—while partnering with cross-functional security, network,
and platform teams.
Key Responsibilities:
· Architect, deploy, and configure Arkime clusters, capture nodes,
viewer nodes, and storage subsystems.
· Design packet capture strategies aligned to network topology, mission
requirements, and Zero Trust monitoring needs.
· Develop and automate deployment workflows using scripts, orchestration
tools, and configuration management.
· Integrate Arkime with SIEM, SOAR, EDR, and threat intel platforms to
enrich detection and investigation workflows.
· Conduct regular tuning of parsers, views, tags, and sessions to
support detection engineering and threat hunting.
· Perform version upgrades, patching, configuration changes, data
lifecycle management, and log retention optimization.
· Align Arkime data capture with Zero Trust Architecture (ZTA) telemetry
requirements.
· Support development of visibility baselines, identity-aware policies,
and segmentation enforcement strategies.
· Work with network engineering, cloud engineering, and security
operations to ensure end-to-end telemetry coverage.
· Develop dashboards, queries, workflows, and documentation for SOC,
detection engineers, and incident responders.
· Provide training, playbooks, and technical expertise to internal
engineering and operations teams.
Basic Qualifications:
· 5+ years of experience in cybersecurity, network security engineering,
or security operations.
· Strong background in packet analysis, PCAP management, DPI
technologies, and network protocols (TCP/IP, DNS, TLS, HTTP, etc.).
· Familiarity with Suricata, Zeek, or other packet/flow analysis
platforms.
· Experience engineering within a Zero Trust Architecture (ZTA),
including segmentation, continuous verification, and identity-centric
access.
· Proficiency with Linux systems administration, containers, and
distributed systems.
· Experience leveraging SIEM/SOAR platforms and integrating packet
telemetry with detection workflows.
· Familiarity with automation tools (Ansible, Terraform, scripts) and
infrastructure-as-code concepts.
· Active TS/SCI clearance; willingness to take a polygraph exam.
· Associate’s degree and 5+ years of experience supporting IT projects
and activities, Bachelor’s degree and 3+ years of experience supporting
IT projects and activities, or Master’s degree and 1+ year of experience
supporting IT projects and activities. Years of experience may be
accepted in lieu of degree.
· DoD 8570.01-M Information Assurance Technician (IAT) Level II
Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+,
GICSP, or CND Certification.
· Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider -
Infrastructure Support Certification, including CEH, CHFI, CFR, Cloud+,
or CND certification within 30 days of start date.
Additional Qualifications:
· Hands-on experience implementing and maintaining Arkime/Moloch in
production environments.
· Experience with cloud networking and traffic inspection in
AWS/Azure/GCP.
· Experience with Elastic Stack or similar search/index pipelines.
· Background supporting regulated or high-security environments
(FedRAMP, DoD, IC, PCI, etc.).
· Security certifications (e.g., CISSP, GCIH, GCIA, GNFA, GCED).
· Strong analytical and problem-solving skills.
· Ability to translate technical findings into clear operational
guidance.
· Comfortable leading discussions with engineers, analysts, architects,
and leadership.