Booz Allen Hamilton - posted about 22 hours ago
Full-time • Mid Level
Reston, VA
1-10 employees

Arkime Engineer

Key Role:

  • Architect, deploy, and configure Arkime clusters, capture nodes, viewer nodes, and storage subsystems.
  • Design packet capture strategies aligned to network topology, mission requirements, and Zero Trust monitoring needs.
  • Develop and automate deployment workflows using scripts, orchestration tools, and configuration management.
  • Integrate Arkime with SIEM, SOAR, EDR, and threat intel platforms to enrich detection and investigation workflows.
  • Conduct regular tuning of parsers, views, tags, and sessions to support detection engineering and threat hunting.
  • Perform version upgrades, patching, configuration changes, data lifecycle management, and log retention optimization.
  • Align Arkime data capture with Zero Trust Architecture (ZTA) telemetry requirements.
  • Support the development of visibility baselines, identity-aware policies, and segmentation enforcement strategies.
  • Work with network engineering, cloud engineering, and security operations to ensure end-to-end telemetry coverage.
  • Develop dashboards, queries, workflows, and documentation for SOC, detection engineers, and incident responders.
  • Provide training, playbooks, and technical expertise to internal engineering and operations teams.
  • 5+ years of experience in cybersecurity, network security engineering, or security operations
  • Experience in packet analysis, PCAP management, DPI technologies, and network protocols such as TCP/IP, DNS, TLS, or HTTP
  • Experience with packet or flow analysis platforms such as Suricata or Zeek
  • Experience engineering within a Zero Trust Architecture (ZTA), including segmentation, continuous verification, and identity-centric access
  • Experience with Linux systems administration, containers, and distributed systems, leveraging SIEM/SOAR platforms, and integrating packet telemetry with detection workflows
  • Experience with automation tools, such as Ansible, Terraform, and scripts, and infrastructure-as-code concepts
  • Active TS/SCI clearance; willingness to take a polygraph exam
  • Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience supporting IT projects and activities, or Master’s degree and 1+ years of experience supporting IT projects and activities
  • Active DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND
  • Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND certification within 30 days of start date
  • Experience implementing and maintaining Arkime or Moloch in production environments
  • Experience with cloud networking and traffic inspection in AWS, Azure, or GCP
  • Experience with Elastic Stack or similar search and index pipelines
  • Experience supporting regulated or high-security environments such as FedRAMP, DoD, IC, or PCI
  • Ability to translate technical findings into clear operational guidance
  • Ability to lead discussions with engineers, analysts, architects, and leadership
  • Possession of strong analytical and problem-solving skills
  • health
  • life
  • disability
  • financial
  • retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program
© 2024 Teal Labs, Inc