Arkime Engineer

Apply for the Arkime Engineer role at Booz Allen Hamilton
.

R0230007

Architect, deploy, and configure Arkime clusters, capture nodes, viewer nodes, and storage subsystems. Design packet capture strategies aligned to network topology, mission requirements, and Zero Trust monitoring needs. Develop and automate deployment workflows using scripts, orchestration tools, and configuration management. Integrate Arkime with SIEM, SOAR, EDR, and threat intel platforms to enrich detection and investigation workflows. Conduct regular tuning of parsers, views, tags, and sessions to support detection engineering and threat hunting.

Perform version upgrades, patching, configuration changes, data lifecycle management, and log retention optimization. Align Arkime data capture with Zero Trust Architecture (ZTA) telemetry requirements. Support the development of visibility baselines, identity‑aware policies, and segmentation enforcement strategies. Work with network engineering, cloud engineering, and security operations to ensure end‑to‑end telemetry coverage. Develop dashboards, queries, workflows, and documentation for SOC, detection engineers, and incident responders.

Provide training, playbooks, and technical expertise to internal engineering and operations teams.

• 5+ years of experience in cybersecurity, network security engineering, or security operations
• Experience in packet analysis, PCAP management, DPI technologies, and network protocols such as TCP/IP, DNS, TLS, or HTTP
• Experience with packet or flow analysis platforms such as Suricata or Zeek
• Experience engineering within a Zero Trust Architecture (ZTA), including segmentation, continuous verification, and identity‑centric access
• Experience with Linux systems administration, containers, and distributed systems, leveraging SIEM/SOAR platforms, and integrating packet telemetry with detection workflows
• Experience with automation tools, such as Ansible, Terraform, and scripts, and infrastructure‑as‑code concepts
• Active TS/SCI clearance; willingness to take a polygraph exam
• Associate’s degree with 5+ years of experience supporting IT projects and activities, Bachelor’s degree with 3+ years, or Master’s degree with 1+ year
• Active DoD 8570.01‑M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA‑Security, GSEC, SSCP, CySA+, GICSP, or CND
• Ability to obtain a DoD 8570.01‑M Cybersecurity Service Provider – Infrastructure Support Certification within 30 days of start date

• Experience implementing and maintaining Arkime or Moloch in production environments
• Experience with cloud networking and traffic inspection in AWS, Azure, or GCP
• Experience with Elastic Stack or similar search and index pipelines
• Experience supporting regulated or high‑security environments such as FedRAMP, DoD, IC, or PCI
• Ability to translate technical findings into clear operational guidance
• Ability to lead discussions with engineers, analysts, architects, and leadership
• Possession of strong analytical and problem‑solving skills

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Salary range: $77,600.00 to $ (annualized USD). Compensation is determined by location, candidate qualifications, and contract specifics. Booz Allen offers health, life, disability, financial, and retirement benefits; paid leave; professional development; tuition assistance; work‑life programs; and dependent care. Full‑time and part‑time employees working at least 20 hours a week are eligible to participate in the benefit programs. The posting will close within 90 days from the posting date.

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Our people‑first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

• If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the role.

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Not Applicable

Full‑time

Engineering and Information Technology

IT Services and IT Consulting