ENS Solutions - posted 8 days ago
Full-time • Mid Level
Washington, DC

We are seeking a seasoned Endace Implementation & Sustainment Engineer to architect, deploy, integrate, and operate Endace packet capture, monitoring, and network recording platforms across a large, distributed enterprise. The ideal candidate has deep experience in network forensics, packet analytics, and telemetry architecture, combined with hands-on familiarity supporting Zero Trust visibility and segmentation strategies. This role owns the end-to-end lifecycle for Endace systems—including design, installation, configuration, maintenance, and long-term optimization—while integrating the platform with SIEM/SOAR, detection engineering, analytics tooling, and broader Zero Trust security controls.

  • Leading the design, deployment, and configuration of Endace appliances for enterprise-scale packet capture.
  • Developing packet capture strategies aligned to network architecture, mission requirements, and Zero Trust visibility controls.
  • Building high-availability, scalable, and resilient Endace clusters across data centers and cloud-connected environments.
  • Integrating Endace with analytics ecosystems (SIEM, SOAR, NDR, EDR, threat intel, investigation platforms).
  • Maintaining and tuning Endace hardware and software for optimal performance, including upgrades, patching, sensor tuning, and storage lifecycle.
  • Troubleshooting packet loss, timing drift, flow indexing issues, clock synchronization, and performance bottlenecks.
  • Monitoring device health, capacity, and telemetry fidelity to ensure consistent, forensically sound data capture.
  • Managing PCAP retention strategies, indexing policies, and storage allocation across distributed deployments.
  • Aligning Endace visibility architecture with Zero Trust telemetry requirements and continuous verification workflows.
  • Ensuring packet capture and telemetry support identity-aware network segmentation and policy enforcement.
  • Supporting development of traffic baselines, segmentation decisions, and enforcement models using Endace data.
  • Automating deployment, configuration, and sustainment workflows using Ansible, Terraform, or scripting.
  • Building dashboards, runbooks, playbooks, and investigation workflows for SOC, threat hunters, and IR teams.
  • Partnering with network engineering, cloud teams, and security operations to ensure full-spectrum telemetry coverage.
  • Delivering training and guidance to operational teams on Endace platform usage and best practices.
  • 5+ years of experience in cybersecurity engineering, network security, or SOC tooling.
  • Strong understanding of packet analysis, network forensics, deep packet inspection, and PCAP workflows.
  • Proficiency in Linux administration and scripting (Python, Bash, PowerShell).
  • Experience supporting regulated or high-security environments (DoD, IC, FedRAMP, PCI, HIPAA).
  • Familiarity with Zero Trust Architecture, segmentation principles, and identity-centric policy models.
  • Demonstrated experience integrating Endace with SIEMs, SOAR tools, and investigation platforms.
  • Solid understanding of core network protocols (TCP/IP, TLS, DNS, HTTP/S, NetFlow/IPFIX, etc.)
  • Active TS/SCI clearance; willingness to take a polygraph exam
  • Associate’s degree and 5+ years of experience supporting IT projects and activities, Bachelor’s degree and 3+ years of experience supporting IT projects and activities, or Master’s degree and 1+ year of experience supporting IT projects and activities. Years of experience may be accepted in lieu of degree.
  • DoD 8570.01-M Information Assurance Technician (IAT) Level II Certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND Certification
  • Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider - Infrastructure Support Certification, including CEH, CHFI, CFR, Cloud+, or CND certification within 30 days of start date
  • Proven hands-on experience deploying, configuring, and managing Endace DAG/EndaceProbe solutions in production.
  • Familiarity with complementary network tools (Zeek, Suricata, Arkime, NDR platforms).
  • Experience with cloud networking and packet capture strategies in AWS, Azure, or GCP.
  • Certifications such as CISSP, GCIA, GNFA, GCIH, or vendor-specific credentials.
  • Strong analytical and problem-solving ability.
  • Excellent communication and documentation skills.
  • Able to collaborate with cross-functional technical and non-technical stakeholders.
  • Comfortable leading architecture conversations and driving platform strategy.
  • Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS
  • 401k Contribution from Day 1
  • PTO + 11 Paid Federal Holidays
  • Long & Short Term Disability Insurance
  • Group Term Life Insurance
  • Tuition, Certification & Professional Development Assistance
  • Workers’ Compensation
  • Relocation Assistance