This role requires someone working onsite in DC/Reston/Quantic/College Park. A TS/SCI CI Poly is required.

We are seeking a seasoned Endace Implementation & Sustainment Engineer to architect, deploy, integrate, and operate Endace packet capture, monitoring, and network recording platforms across a large, distributed enterprise. The ideal candidate has deep experience in network forensics, packet analytics, and telemetry architecture, combined with hands-on familiarity supporting Zero Trust visibility and segmentation strategies.

This role owns the end-to-end lifecycle for Endace systems—including design, installation, configuration, maintenance, and long-term optimization—while integrating the platform with SIEM/SOAR, detection engineering, analytics tooling, and broader Zero Trust security controls.

Responsibilities include leading the design, deployment, and configuration of Endace appliances for enterprise-scale packet capture. Developing packet capture strategies aligned to network architecture, mission requirements, and Zero Trust visibility controls. Building high-availability, scalable, and resilient Endace clusters across data centers and cloud-connected environments. Integrating Endace with analytics ecosystems (SIEM, SOAR, NDR, EDR, threat intel, investigation platforms). Maintaining and tuning Endace hardware and software for optimal performance, including upgrades, patching, sensor tuning, and storage lifecycle. Troubleshooting packet loss, timing drift, flow indexing issues, clock synchronization, and performance bottlenecks. Monitoring device health, capacity, and telemetry fidelity to ensure consistent, forensically-sound data capture. Managing PCAP retention strategies, indexing policies, and storage allocation across distributed deployments. Aligning Endace visibility architecture with Zero Trust telemetry requirements and continuous verification workflows; Ensuring packet capture and telemetry support identity-aware network segmentation and policy enforcement. Supporting development of traffic baselines, segmentation decisions, and enforcement models using Endace data. Automating deployment, configuration, and sustainment workflows using Ansible, Terraform, or scripting. Building dashboards, runbooks, playbooks, and investigation workflows for SOC, threat hunters, and IR teams. Partnering with network engineering, cloud teams, and security operations to ensure full-spectrum telemetry coverage. Deliverin training and guidance to operational teams on Endace platform usage and best practices.

Basic Qualifications:

• 5+ years of experience in cybersecurity engineering, network security, or SOC tooling.
• Strong understanding of packet analysis, network forensics, deep packet inspection, and PCAP workflows.
• Proficiency in Linux administration and scripting (Python, Bash, PowerShell).
• Experience supporting regulated or high-security environments (DoD, IC, FedRAMP, PCI, HIPAA).
• Familiarity with Zero Trust Architecture, segmentation principles, and identity-centric policy models.
• Demonstrated experience integrating Endace with SIEMs, SOAR tools, and investigation platforms.
• Solid understanding of core network protocols (TCP/IP, TLS, DNS, HTTP/S, NetFlow/IPFIX, etc.)
• Active TS/SCI clearance; willingness to take a polygraph exam
• Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience supporting IT projects and activities, or Master’s degree and 1+ year of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree.
• DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification
• Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CHFI, CFR, Cloud+, or CND certification within 30 days of start date

Additional Qualifications:

• Proven hands-on experience deploying, configuring, and managing Endace DAG/EndaceProbe solutions in production.
• Familiarity with complementary network tools (Zeek, Suricata, Arkime, NDR platforms).
• Experience with cloud networking and packet capture strategies in AWS, Azure, or GCP.
• Certifications such as CISSP, GCIA, GNFA, GCIH, or vendor-specific credentials.
• Strong analytical and problem-solving ability.
• Excellent communication and documentation skills.
• Able to collaborate with cross-functional technical and non-technical stakeholders.
• Comfortable leading architecture conversations and driving platform strategy.

About GuidePoint Security

GuidePoint Security is a leading cybersecurity solutions and services firm enabling federal government organizations to make smarter security decisions that minimize risk. With more than 800 vetted technology vendor partnerships and deep practitioner expertise across every major cybersecurity domain, GuidePoint serves more than half of the U.S. Government’s cabinet-level agencies across Civilian, DoD, and Intelligence Community segments, as well as Federal System Integrators and major defense prime contractors. We are growing our Federal presales engineering team and looking for technically exceptional engineers who thrive at the intersection of federal mission and cybersecurity technology.

About the role

The Solution Architect, Federal Presales is a senior technical individual contributor responsible for driving cybersecurity solution development, presales engineering support, and pipeline growth across GuidePoint Security’s federal government accounts. This role is exclusively focused on the federal government market — working with federal agencies, DoD components, Intelligence Community programs, and large Federal System Integrators (FSIs) such as Booz Allen Hamilton, Leidos, SAIC, Northrop Grumman, GDIT, CACI, and Peraton.

This is a hybrid technical-engineering and business development role. You will own the technical quality of presales engagements, develop compelling solution architectures and proposal content, build independent federal customer relationships that generate pipeline, and create the BOMs, SOWs, and technical proposal volumes that convert federal opportunities into wins. This role sits within GuidePoint Security’s Federal Government Solutions division and is a high-visibility individual contributor position with significant growth potential into senior architect or practice leadership roles.

What you'll be doing 

Federal Solution Design & Technical Presales

• Collaborate with GuidePoint Security professional services, OEM sales engineers, and federal sales teams to develop cybersecurity strategies and solutions for federal government agencies and Federal System Integrator teaming partners.
• Engage directly with federal agency customers, GuidePoint delivery teams, and OEM partners to understand agency technology stacks, mission requirements, and integration needs — translating those requirements into technically compelling solution recommendations.
• Develop tailored cybersecurity solution architectures for federal opportunities across network security, cloud security, identity and access management, endpoint security, SIEM/SOAR, zero trust, data security, OT/ICS, and GRC domains.
• Manage complex proof-of-value (POV) projects and design solution experiments that demonstrate GuidePoint Security’s ability to integrate multiple technologies and solve mission-critical federal cybersecurity problems.
• Develop federal-specific reference architectures, technical briefings, and capability presentations that differentiate GuidePoint Security in the federal market.

SOW Development & Federal Proposal Support

• Develop Statements of Work (SOWs) for GuidePoint federal professional services engagements, ensuring scope, deliverables, labor categories, and assumptions align with customer requirements and GuidePoint’s delivery capabilities.
• Provide technical analysis of federal RFx documents (RFPs/RFIs) to assess feasibility, confirm compliance, and lead development of technical proposal responses that address government evaluation criteria and differentiate GuidePoint Security.
• Develop detailed Bills of Materials (BOMs) for technology-intensive federal proposals, working with OEM federal channel teams to obtain current GSA MAS, CIO-SP3/CIO-SP4, and NASA SEWP pricing.
• Participate in proposal color team reviews (Pink, Red, Gold) as the primary technical subject matter reviewer, ensuring proposed solutions are accurate, achievable, and fully responsive to solicitation requirements.

Federal Pipeline Development & Account Growth

• Build and maintain an independent network of technical relationships with federal agency stakeholders — including security architects, ISSOs, system owners, program managers, and IT directors — that generates early pipeline visibility for the federal sales team.
• Engage early in the federal opportunity lifecycle to shape government requirements in ways that favor GuidePoint Security’s technical approach, vendor partnerships, and delivery capabilities.
• Support Account Executives in strategic federal account planning, identifying adjacent opportunities within existing agency accounts based on current knowledge of the customer’s technology environment and security program roadmap.
• Provide technical opportunity qualification input to Account Executives, assessing technical risk and recommending go/no-go positions on pursuits where GuidePoint Security cannot credibly compete on technical merit.

OEM & Federal Vendor Partner Engagement

• Maintain active working relationships with OEM federal sales engineering and channel teams across GuidePoint Security’s key federal technology partners, including CrowdStrike, Palo Alto Networks, Splunk, Tenable, SentinelOne, Zscaler, and others in the federal portfolio.
• Engage vendor solution engineers as technical supplements to GuidePoint Security’s federal presales approach, maintaining GuidePoint’s trusted advisor position with federal customers rather than ceding it to vendor SEs.
• Stay current on federal vendor roadmaps, new platform capabilities, FedRAMP authorization status, and DoD ATO track records to ensure all federal solution recommendations are accurate and compliance-aligned.

YOU'LL BE A GREAT FIT IF

• You have experience as a presales engineer, technical consultant, or solution architect in a federal government-focused role — and you understand how to navigate both the technical requirements and the federal acquisition process.
• You can work closely with federal sales teams, channel partners, and OEM engineers to align technically precise solutions with federal agency mission needs and strategic business goals, including participation in strategic account planning.
• You have excellent communication skills with the ability to conduct high-level technical discussions and engage confidently with federal agency technical staff, program managers, contracting officers, and senior IT leadership.
• You demonstrate strong technical aptitude, quickly grasp new cybersecurity technologies and federal compliance frameworks, and apply them fluently in federal customer conversations.
• You bring deep knowledge of the federal cybersecurity market — including the regulatory landscape, agency buying patterns, and FSI teaming dynamics — or a strong cybersecurity practitioner background and genuine enthusiasm for the federal mission environment.
• You can quickly build rapport with federal customers and OEM partners and are energized by collaborative teaming with federal sales, delivery engineers, Technical Directors, and GuidePoint’s national practice leads.
• You have a genuine passion for federal cybersecurity — you stay current on the threat landscape, emerging technologies, and evolving federal mandates because you care about the mission, not just the job.

Requirements

• Must reside in the DC metro area and be available for in-person meetings at GuidePoint Security’s Herndon, VA headquarters and federal customer sites with reasonable notice.
• Active Secret clearance required at time of hire, or demonstrated ability to obtain a Secret clearance. TS/SCI a significant plus.
• Demonstrated SOC operations experience — ability to implement, operate, or architect a SIEM, SOAR, or security data analytics solution. This is a hard requirement.
• 5+ years of experience in a federal presales, solution architecture, systems engineering, or technical consulting role focused on the federal government market.
• Working knowledge of federal acquisition processes, contract vehicles (GSA MAS, CIO-SP3/CIO-SP4, NASA SEWP), and the federal RFP/RFI response process.
• Broad cybersecurity technical knowledge across at least three domains including network security, cloud security, identity and access management, endpoint security, SIEM/SOAR, or zero trust architecture.

Preferred Qualifications

• Experience working directly with Federal System Integrator teaming partners (Booz Allen, Leidos, SAIC, GDIT, CACI, etc.) as a subcontractor or teaming partner.
• Experience with cloud security solutions such as CNAPP, SSPM, and DSPM in federal cloud environments (AWS GovCloud, Azure Government, DoD JWCC).
• Hands-on implementation or presales experience with CrowdStrike, Palo Alto Networks, F5, or Splunk in a federal customer context.
• Familiarity with federal cybersecurity mandates including EO 14028, OMB M-22-09 (Zero Trust), FedRAMP, NIST SP 800-53, DoD RMF, CMMC 2.0, and CDM program requirements.
• CISSP, Security+, or relevant vendor certifications (PCNSE, CCFA, Splunk Core Certified, CrowdStrike CCFA/CCFR) preferred.

“Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.”

Threat Emulation Engineer - Blue/Purple Team

Candidates MUST have an active Top Secret/SCI clearance with a CI Poly within 10 years for consideration. This position is 100% onsite in Chantilly, VA

Join Our Elite Security Team – Where Innovation Meets Impact!

Are you ready to become a technical leader who solves the most challenging security problems organizations face—including the ones they don't even know exist yet? As a Security Engineer, you'll be responsible for service delivery and expected to be a product subject-matter expert, working independently on small projects and collaboratively on large-scale enterprise deployments. 

You'll fuel solutions that make the deepest impact across organizations, working in a fast-paced environment where your insatiable thirst for learning new technologies will be celebrated and supported. 

What Makes This Opportunity Exceptional:

Our goal is never to fix and leave, but to share knowledge through comprehensive documentation and knowledge transfer, ensuring you build upon meaningful work. You'll be part of a large internal support group with extensive experience and benefit from our internal training program designed to increase your skills and keep pace with technology changes. We focus on enabling our engineers to become complete security professionals able to analyze security solutions, not just install and configure products. You'll gain a broad spectrum of knowledge and skills that allow you to give advice and direction relevant to today's threats. 

No Prior Experience with Automated Security Validation Required: While experience with Mandiant Security Validation Tool would be great, we'll train you on the tool if you have a solid foundation in cybersecurity. We're vendor neutral security engineers providing services that meet customer needs, not our own or that of vendors.

Role & Responsibilities

• Complete internal training for Automated Security Validation (ASV).
• Lead complex ASV deployments and partner with customers to address diverse security use cases.
• Assess customer security posture and requirements to guide solution design.
• Maximize ASV value by enabling customers and supporting their cybersecurity strategy.
• Collaborate with internal product and technical teams to deliver solutions and drive innovation.
• Apply prior experience, share best practices, and develop creative approaches to increase adoption.
• Empower customers to independently address future security questions.

Required Qualifications

• 5–10 years of security systems engineering and troubleshooting experience.
• Strong understanding of cyber threat techniques, intelligence analysis, and adversary TTPs.
• Familiarity with MITRE ATT&CK and similar threat frameworks.
• Experience designing log ingestion and aggregation strategies.
• Knowledge of key security events across common IT platforms.
• Proficiency with Windows, macOS, and Linux systems.
• Experience with networking and security troubleshooting (firewalls, routing, NAT, etc.).
• Ability to manage and deliver multiple projects independently.
• Active DoD 8570 IAT Level II+ certification (e.g., Security+, CEH).
• Active TS/SCI clearance with polygraph.

Preferred Qualifications

• Experience configuring and utilizing enterprise SIEM platforms.
• Understanding of OS auditing (Syslog, Windows Event Logs).
• Experience with Mandiant Security Validation or other Breach and Attack Simulation (BAS) tools.
• Red or purple team experience.
• Experience developing SOC runbooks, workflows, and policy documentation.
• Familiarity with various scripting languages (bash, python, powershell, perl)
• Bachelor’s degree in a relevant field or equivalent experience.

Splunk Security Engineer - TS/SCI CI Poly 

Location - Springfield, VA

Guidepoint Security has an exciting Splunk Security Engineer role. This role entails fueling solutions to ensure enterprise security deployments make the deepest impact possible across an organization. They solve organizations’ most challenging problems, including the ones they didn't know existed. They are self-motivated, have an insatiable thirst to learn new technologies and thrive in a fast paced environment. Lastly, they feel comfortable mastering new technologies and come from a variety of business, analytic and technology backgrounds. This position is not remote.

Role and Responsibilities:

• Drive complex security focused deployments of Splunk while working side by side with the customers to solve their unique problems across a variety of use cases
• Work with our customers to understand their security posture and requirements
• Support our security deployments by unlocking the potential of Splunk to assist our customers in achieving their Cyber Security strategy
• Collaborate across the entire organization to bring access to product and technical teams to get the right solution delivered and drive innovation gathered from customer input
• Leverage previous experiences, share best practices and create innovative solutions to push user adoption and maximize the value of Splunk
• Enable customers to solve the next wave of questions on their own

Position Requirements:

• Must have an understanding of cyber-based threat techniques and procedures to compare industry related events, exposures, and incidents with open source and gathered intelligence research to determine threat capability and intent, and the potential impact of the threat on customer network architecture and operations 
• 3+ years of Splunk architecture, implementation, and troubleshooting experience
• Proficiency developing log ingestion and aggregation strategies
• Expertise developing security-focused content for Splunk, including creation of complex threat detection logic and operational dashboards
• Familiarity with key security events on common IT platforms
• Deep proficiency in client and server operating systems including Windows, Mac, and Linux
• General networking and security troubleshooting (firewalls, routing, NAT, etc.)
• Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
• Ability to autonomously prioritize and successfully deliver across a portfolio of projects
• Must possess an active DoD 8570-compliant cyber certification at IAT Level II or better

Preferred Requirements:

• Familiar with Configuration and Administration with Enterprise SIEM and experience in the Integration of multiple SIEM tools into a Single Architecture 
• Working Knowledge of Operating System Auditing (both Syslog and Window Event Log) preferred 
• Splunk Enterprise Security experience
• Splunk Certifications such as Splunk Certified Consultant, Splunk Enterprise Security Implementation, and Splunk Certified Architect
• Experience authoring security runbooks, policy, and best practice documentation, and implementing SOAR platforms such as Phantom (Splunk SOAR), or Demisto (XSOAR)
• Bachelor’s degree in a relevant discipline or equivalent professional experience
• CISSP

Splunk Engineer - TS/SCI Clearance with the willingness to take and pass a polygraph exam is required for consideration for hire for this role. 

Locations available: 100% onsite JBAB (Bolling AFB), DC; Maryland Square, MD; Reston, VA; Quantico, VA; Colorado Springs, CO; Waikiki, HI. 

What You’ll Get To Do:
You will work with an expert team focused on implementing and operating next-generation security solutions for government and commercial clients. You’ll use Splunk and integrate it with other state-of-the-art tools like HBSS, Enterprise Security Manager (ESM), Network Security Manager (NSM), NetFlow, and/or Intrusion Detection Systems (IDS) to monitor, detect, and analyze threats. You'll perform hands-on evaluation, implementation, and operation of leading security Cyber defense tools and technologies and apply in-depth defense strategies for large and complex networks to rapidly identify vulnerabilities and threats, prioritizing response actions, including developing effective countermeasures. You’ll support the risk management and security compliance of specified cyber security tools. You'll apply thought leadership to solving complex security challenges in a highly collaborative and innovative work
environment.

You’ll Bring These Qualifications:

• 3+ years of experience utilizing Splunk Enterprise
• Experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
• Experience with Splunk performing systems administration, including performing installation, configuration, monitoring
  system performance and availability, upgrades, and troubleshooting in Windows and Linux Server environments
• Experience creating custom dashboards, writing queries and generating reports, and setting up alerts and notifications
• Familiarity with DoD Risk Management Framework
• Top Secret/SCI clearance with the ability to obtain a Counter-Intelligence polygraph
• Active DoD 8570 IAT Level III certification (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP)
• Active DoD 8570 Cybersecurity Service Provider (CSSP) - Infrastructure Support (IS) certification (CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND)
• HS diploma or GED and 7+ years of experience with supporting IT projects and activities, Associate’s degree and 5+ years of experience with supporting IT projects and activities, or Bachelor’s degree and 3+ years of experience with supporting IT projects and activities
• DoD 8570 IAT Level II Certification, including CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP
• Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification prior to start date 

Nice If You Have:

• Ability to ingest and parse logs within Splunk
• Experience with fields abstraction
• Experience with data modeling using Splunk
• Experience with workflows and drilldown query
• Experience administering Splunk in distributed deployments
• Experience with performing site surveys, data gathering, and research and analysis regarding deploying and implementing security tools
• Splunk Certified Power User or other advanced Splunk Certification
• Experience with DevSecOps and Elasticsearch, Logstash & Kibana (ELK)
• Possession of excellent oral and written communication skills, including using presentation expertise to convey complex
• Ideas to client and internal staff
• Possession of excellent problem-solving skills

SIGINT Intelligence Liaison

Candidates MUST have an active Top Secret/SCI clearance w/CI Poly. This position is onsite in Ft. Meade.  

Guidepoint Security is seeking a SIGINT Intelligence Liaison to join our contract based in Ft. Meade to serve as the primary point of contact sharing SIGINT products (COMINT, ELINT, or FISINT) with partners.

Key Responsibilities

• Work with partners to identify their intelligence needs and translate them into actionable collection requirements for collection platforms.
• Manage and facilitate the use of secure, classified networks for transmitting intelligence.
• Prepare and deliver briefings, talking papers, and intelligence reports to technical and non-technical stakeholders.
• Ensure all intelligence sharing complies with regulatory frameworks.

Required Qualifications

• Has experience Collecting and Interception:
• Operated electronic equipment and computer systems to intercept, process, and analyze electronic signals and communications
• Process and Exploitation
• Manipulate, decode, or extract data from signals
• Analysis
• Identified patterns, anomalies, behaviors, and relationships in the data.
• Reporting and Dissemination
• Experience in producing tactical, operational, and strategic reports
• Briefed reports and findings to senior level officials 
• Supported Operations
• Provided intelligence for electronic operations, developed target packages, mission planning, and collaborated with other intelligence disciplines. 
• Worked to maintain databases, conducted research , and trained junior analyst
• Providing foreign SIGINT to national policymakers, military leaders, and intelligence agencies to support national security, counterterrorism, and global alliances.
• Leading cryptology efforts, including both intelligence gathering (SIGINT) and protecting U.S. government communications and information systems (cybersecurity/Information Assurance).
• Exercising operational control over military cryptologic activities through the Central Security Service (CSS), ensuring coordination across the Army, Navy, Air Force, and other defense components.
• Operating under legal frameworks like Executive Orders and the Foreign Intelligence Surveillance Act (FISA) to safeguard the privacy of U.S. persons while targeting foreign threats.
• Active TS/SCI clearance w/Poly
• Bachelor’s degree in a relevant field or equivalent experience.

Network Engineer III – TS/SCI Clearance

100% onsite - Springfield, VA

Guidepoint Security has an exciting and challenging opportunity available for a Network Engineer supporting an Intelligence Community customer’s wide-area (WAN), local-area (LAN) and campus-area (CAN) networks across multiple security domains.

What You’ll Get to Do:

• Focus will be on Network Engineering, new project requirements, and operation and sustainment of existing infrastructure. 
• Coordination of system maintenance, monitoring and installation of multiple WAN/LAN environments encompassing multiple specializations, platforms and technologies. 
• Assist with research and implementation of enterprise system-wide network solutions/capabilities/enhancements to support customer business/mission goals and objectives.
• Troubleshoot and resolve network media and components.
• Evaluate and monitor health and performance of the network including hardware and management software.
• Develop and maintain a road map for capabilities, operations, and technologies.
• Assist with development and execution of test plans and supporting documentation of all network configuration upgrades, additions or revisions for customer approval before implementation.
• Support network traffic analysis and bandwidth optimization efforts to ensure attainment of performance and availability objectives.
• Evaluate and report on new/emerging network/communication technologies to enhance capacity, performance and reliability of the network.
• Evaluate and recommend changes and/or technology upgrades to address performance, standardization and industry best practices
• Follows all Customer network security processes and procedures, ensures compliance with all Government policies.
• Represent customer requirements in technical exchanges with other government agencies.
• Perform site surveys to new installations and technology refresh.
• Installs, maintains and troubleshoots satellite communications equipment.
• Develop and maintain network architecture diagrams.

You’ll Bring These Qualifications:

• Active TS/SCI
• 8+ years related technical experience in Network and Transport technologies, tools, and techniques
• 4+ years’ experience with large-scale enterprise/global networks in a high paced diverse environment
• Certifications: IAT II
• Understanding and experience with the DoD Architecture Framework and other key DoD network architecture and strategic planning instructions
• Experience with Juniper, switches, routers, and firewalls. (MX, EX, SRX devices) Cryptographic devices (KG-175G/X, KG-245A/X)
• Experience with Network analysis tools (HP/Microfocus Network Automation and Network Node Manager, Juniper Secure Analytics, Infoblox, Riverbed.)
• Experience with Juniper firewall/VPN equipment (SRX series)
• Experience with supporting IP services to connect to NIPRNET, SIPRNET and JWICS (IPv4, VPN, IPv6, Multicast, QOS, SDN, SNMP, VOIP, VTC, etc)
• Experience with OSPF, BGP, MPLS, RSVP/LDP L2/3VPNs, VRFs, IKE/IPSec, GRE tunnels, MTU, FTP, Import/Export policies.

These Qualifications Would be Nice to Have:

• Master’s degree in computer science or related field
• JNCIA, JNCIS, JNCIP, CISCO CCNP, CCVP, CCNA or CCDP (or equivalent)
• ITIL v3 Foundations
• ISC2 CISSP
• CompTIA Security +

Gigamon Network Engineer 

An active Top Secret / SCI clearance with the willingness to take and pass a polygraph exam is required for consideration for hire for this role. Work is to be performed 100% onsite with our Government Customer

Locations available: JBAB (Bolling AFB), DC; Maryland Square, MD; Reston, VA; Quantico, VA

What You’ll Get To Do:

In this role the Gigamon Engineer is responsible for deploying, operating, and sustaining the Gigamon Deep Observability Pipeline across DIA-managed enclaves and mission networks, enabling full packet-level visibility to support intelligence community (IC) cybersecurity operations. 

This position operates within a classified IC environment and requires close coordination with DIA cybersecurity, network operations, and mission partners. The engineer will support threat detection, anomaly analysis, and sensor grid expansion across high-priority intelligence networks, directly contributing to DIA's ability to identify and respond to advanced persistent threats (APTs) and insider threats targeting national security systems.

With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers.

Roles & Responsibilities

• Deploy, configure, and sustain GigaVUE HC-3, T-10, and HD-Series packet brokers; design TAP/SPAN architectures for full traffic visibility across classified and unclassified DIA network segments
• Administer GigaVUE Fabric Manager (GFM) for policy management, traffic mapping, and tool load balancing; configure GigaSMART features including deduplication, slicing, masking, and application filtering
• Integrate Gigamon outputs with DIA-operated SIEM, IDS/IPS, and full-packet capture platforms; ensure all deployments comply with RMF, ICD 503, and applicable DISA STIGs
• Deliver enriched traffic feeds to DIA analytics platforms supporting threat hunting, anomaly detection, and APT/insider threat identification; assess and remediate sensor coverage gaps
• Support SOC analysts and ISSM/ISSO personnel during incident response with packet-level data and flow analysis across SIPRNET, JWICS, and coalition network segments
• Architect and document Gigamon sensor grid topologies for evolving DIA segments including cross-domain and coalition environments; lead design reviews, ECPs, and as-built documentation
• Develop SOPs and runbooks; brief findings and risk assessments to DIA government leads; mentor junior engineers on platform operations and IC cybersecurity practices

Required Qualifications:

• 5-7 years of hands-on experience in network engineering, network security engineering, or a closely related discipline within a DoD or IC environment
• Demonstrated experience deploying and operating Gigamon appliances (GigaVUE HC, T-Series, HD-Series, or equivalent) in production networks
• Experience designing and troubleshooting IP networks including routing protocols (BGP, OSPF), VLANs, spanning tree, and network segmentation
• Experience supporting or operating within DoD or IC classified computing environments including SIPRNET, JWICS, or equivalent enclaves
• Experience documenting network topologies and maintaining as-built diagrams and configuration baselines
• Proficiency with GigaVUE Fabric Manager (GFM) and Gigamon CLI for appliance configuration and policy management
• Knowledge of packet capture and traffic analysis concepts including TAP/SPAN, deduplication, filtering, and flow metadata
• Understanding of network security principles including firewalls, IDS/IPS, proxies, and zero-trust architecture as applied to classified environments
• Familiarity with SIEM platforms (Splunk, ArcSight, or equivalent) and how network visibility feeds enhance detection fidelity
• Working knowledge of multi-domain architectures: LAN, WAN, data center, and virtualized/SDN environments
• DoD 8570 IAT Level II certification — one or more of the following required: 
  • CompTIA Security+ CE
  • GIAC Security Essentials (GSEC)
  • Cisco CyberOps Associate / CCNA Security
  • CySA+, CND, or SSCP
• DoD 8570 CSSP Infrastructure Support certification — must be obtained prior to start date: 
  • Certified Ethical Hacker (CEH)
  • CompTIA CySA+, CND, or Cloud+
  • GIAC GICSP or SSCP
  • CHFI or CFR
• Active Top Secret / SCI clearance with a current Counterintelligence (CI) Polygraph — required at time of hire; no exceptions
• HS diploma or GED and 7+ years of experience with supporting IT projects and activities, Associate’s degree and 5+ years of experience with supporting IT projects and activities, or Bachelor’s degree and 3+ years of experience with supporting IT projects and activities 

Preferred Qualifications:

• Gigamon Certified Engineer (GCE) or equivalent Gigamon product certification
• Experience supporting DIA, NSA, or other IC agency network operations in a contractor or government role
• Experience with DISA STIG implementation and RMF package development for network devices
• Familiarity with full-packet capture platforms (NetScout, Solera, Moloch/Arkime) integrated with Gigamon feeds
• Linux OS administration experience (RHEL, CentOS) in support of network security tooling
• Experience with SolarWinds NPM/IPAM or similar network management and IP address management platforms
• Experience operating within ICD 503, CNSSI 1253, or DIA-specific cybersecurity policy frameworks
• Familiarity with virtualized network environments including VMware NSX, Hyper-V, or cloud-based visibility tools
• Strong written and verbal communication skills with demonstrated ability to brief technical findings to senior government personnel
• Self-directed work ethic with the ability to manage competing priorities in a high-tempo, mission-critical environment

“Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.”