Job Description
Job Title: Endace Platform Engineer
Location: Washington
Eligibility: Candidate must possess an active TS/SCI with CI Polygraph
clearance
Job Description:
We are seeking a seasoned Endace Implementation & Sustainment Engineer
to architect, deploy, integrate, and operate Endace packet capture,
monitoring, and network recording platforms across a large, distributed
enterprise. The ideal candidate has deep experience in network
forensics, packet analytics, and telemetry architecture, combined with
hands-on familiarity supporting Zero Trust visibility and segmentation
strategies.
This role owns the end-to-end lifecycle for Endace systems—including
design, installation, configuration, maintenance, and long-term
optimization—while integrating the platform with SIEM/SOAR, detection
engineering, analytics tooling, and broader Zero Trust security
controls.
Responsibilities include:
· Leading the design, deployment, and configuration of Endace appliances for enterprise-scale packet capture.
· Developing packet capture strategies aligned to network architecture, mission requirements, and Zero Trust visibility controls.
· Building high-availability, scalable, and resilient Endace clusters across data centers and cloud-connected environments.
· Integrating Endace with analytics ecosystems (SIEM, SOAR, NDR, EDR, threat intel, investigation platforms).
· Maintaining and tuning Endace hardware and software for optimal performance, including upgrades, patching, sensor tuning, and storage lifecycle.
· Troubleshooting packet loss, timing drift, flow indexing issues, clock synchronization, and performance bottlenecks.
· Monitoring device health, capacity, and telemetry fidelity to ensure consistent, forensically sound data capture.
· Managing PCAP retention strategies, indexing policies, and storage allocation across distributed deployments.
· Aligning Endace visibility architecture with Zero Trust telemetry requirements and continuous verification workflows; ensuring packet capture and telemetry support identity-aware network segmentation and policy enforcement.
· Supporting development of traffic baselines, segmentation decisions, and enforcement models using Endace data.
· Automating deployment, configuration, and sustainment workflows using Ansible, Terraform, or scripting.
· Building dashboards, runbooks, playbooks, and investigation workflows for SOC, threat hunting, and IR teams.
· Partnering with network engineering, cloud teams, and security operations to ensure full-spectrum telemetry coverage.
· Delivering training and guidance to operational teams on Endace platform usage and best practices.
Basic Qualifications:
· 5+ years of experience in cybersecurity engineering, network security,
or SOC tooling.
· Strong understanding of packet analysis, network forensics, deep
packet inspection, and PCAP workflows.
· Proficiency in Linux administration and scripting (Python, Bash,
PowerShell).
· Experience supporting regulated or high-security environments (DoD,
IC, FedRAMP, PCI, HIPAA).
· Familiarity with Zero Trust Architecture, segmentation principles, and
identity-centric policy models.
· Demonstrated experience integrating Endace with SIEMs, SOAR tools, and
investigation platforms.
· Solid understanding of core network protocols (TCP/IP, TLS, DNS,
HTTP/S, NetFlow/IPFIX, etc.)
· Active TS/SCI clearance; willingness to take a polygraph exam
· Associate’s degree and 5+ years of experience supporting IT projects
and activities, Bachelor’s degree and 3+ years of experience supporting
IT projects and activities, or Master’s degree and 1+ year of experience
supporting IT projects and activities. Years of experience may be
accepted in lieu of degree.
· DoD 8570.01-M Information Assurance Technician (IAT) Level II
Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+,
GICSP, or CND Certification
· Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider -
Infrastructure Support Certification, including CEH, CHFI, CFR, Cloud+,
or CND certification within 30 days of start date
Additional Qualifications:
· Proven hands-on experience deploying, configuring, and managing Endace
DAG/EndaceProbe solutions in production.
· Familiarity with complementary network tools (Zeek, Suricata, Arkime,
NDR platforms).
· Experience with cloud networking and packet capture strategies in AWS,
Azure, or GCP.
· Certifications such as CISSP, GCIA, GNFA, GCIH, or vendor-specific
credentials.
· Strong analytical and problem-solving ability.
· Excellent communication and documentation skills.
· Able to collaborate with cross-functional technical and non-technical
stakeholders.
· Comfortable leading architecture conversations and driving platform
strategy.