Intrusion Detection Systems; IDS Engineer

Intrusion Detection Systems (IDS) Engineer

Leidos seeks a skilled IDS Engineer to manage and maintain enterprise network infrastructure, operating Network IDS platforms such as Snort 3.x, developing detection signatures, and supporting Security Operations through proactive threat detection and analysis.

• Manage, configure, and maintain Snort 3.x servers and applications.
• Monitor and optimize network intrusion detection platform performance.
• Ensure high availability and reliability of IDS infrastructure.
• Perform system updates, patches, and upgrades as needed.
• Create, test, and maintain YARA signatures for malware detection.
• Develop and tune Snort rules to detect emerging threats.
• Utilize regular expressions to build effective detection patterns.
• Analyze false positives and refine signatures for accuracy.
• Collaborate with Security Operations team on threat detection and response.
• Provide technical expertise on IDS alerts and network security events.
• Participate in incident response activities when network intrusions are detected.
• Document procedures, configurations, and security findings.
• Execute Unix/Linux command line operations for IDS and security tool management.
• Automate routine tasks through scripting and configuration management.
• Troubleshoot system and application issues independently.
• Maintain system logs and audit trails.

• 3+ years of experience in network security or intrusion detection.
• Demonstrated experience with Snort 3.x or similar IDS/IPS platforms.
• Proficiency with Unix/Linux operating systems.
• Experience writing detection signatures (Snort, YARA, or similar).
• Strong understanding of TCP/IP networking and common attack vectors.
• Bachelor's degree in Computer Science, Cybersecurity or related field (or equivalent experience).
• Self‑starter: ability to work independently, prioritize tasks and drive initiatives forward.
• Clear written and oral communication skills appropriate for professional environments.
• Familiarity with Agile frameworks and iterative development practices.
• Analytical mindset with strong troubleshooting capabilities.
• Ability to obtain and maintain a Public Trust clearance. (Contract requirement)
• Willingness to work on‑site in Woodlawn, MD 5 days a week.

• Industry certifications such as GCIA, GCIH, Security+ or CEH.
• Experience with SIEM platforms and log analysis tools.
• Knowledge of threat intelligence feeds and integration.
• Programming skills (Python, Bash or Power Shell).
• Experience with containerization and orchestration (Docker, Kubernetes).
• Understanding of Dev Sec Ops  practices.

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.