Modernization Cyber Network Intrusion Detection Engineer - NE1

Lockheed Martin Corporation•Hanover, MD

41d•Onsite

About The Position

The Work: We are seekingâ¯Network Intrusion Detection Engineersâ¯with deep expertise in packetâlevel traffic analysis using Wireshark and related tooling. Provide endâtoâend lifecycle services that enable our Cyber & Intelligence mission to detect, analyze, and mitigate advanced threats against critical communications and SIGINT midpoint collection systems. Modernize and sustain intrusionâdetection capabilities by designing, integrating, and enhancing Wiresharkâbased analysis pipelines, automated signature generation, and realâtime alerting for highâthroughput data streams. Drive the next phase of productâsuite modernization by leveraging containerization, cloudânative processing, dataâflow orchestration, and AI/MLâassisted anomaly detection to surface malicious activity faster and at scale. For a complete list that changes weekly, use this term to search via the Lockheed Martin jobs website: #RMSRB2025 Come join a company with incredible breadth and depth in the nature of programs and technologies we support that will never leave you bored or looking for your next assignment. Stop having to look for a new job with every rumor and whim of contract changes. What We're Doing: Lockheedâ¯Martinâ¯Cyber &â¯Intelligence invites you to confront one of today's most formidable challenges: protecting the nation's digital lifelines from sophisticated intrusion attempts. As aâ¯Network Intrusion Detection Engineer, you will: Safeguard the networks that move financial assets, healthcare data, critical infrastructure controls, and energy flow every minute. Work sideâbyâside with worldâclass cyberâsecurity professionals on the front lines of threat hunting, packet analysis, and proactive defense. Apply the full depth of Lockheedâ¯Martin's resources-advanced labs, AI research, and global threat intel-to keep adversaries at bay. Cyber | Lockheed Martin Who We Are: Are you passionate about turning raw packet captures into actionable threat intelligence? Do you thrive on building automated detection frameworks that evolve with the threat landscape? Join a team that is pioneering the modernization of network intrusion detection-from handcrafted Wireshark filters to AIâdriven, cloudâscaled analytics. Our culture rewards curiosity, relentless improvement, and collaborative problemâsolving. We are looking for engineers who share our commitment to excellence and innovation. Why Join Us: Your Health, Your Wealth, Your Life Our flexible schedules, competitive pay and comprehensive benefits enable you to live a healthy, fulfilling life at and outside of work. Learn more about Lockheed Martin's competitive and comprehensive benefits package. We support our employees, so they can support our mission. Plus, you may be eligible for up to a $25K sign on bonus as an external hire! We are proactively recruiting for a future need, with the expectation of a 2025 or early 2026 start date. This requisition is being used for contingent offers.

Requirements

Current DoD Top Secret SCI with Polygraph
High School Diploma/GEDâ¯+â¯12â¯years general systems administration experience OR
Bachelor's degree in Computer Science, Information Systems, Electrical Engineering, or related fieldâ¯+â¯4â¯years professional experience in network intrusion detection OR
Master's degree in a relevant disciplineâ¯+â¯2â¯years professional experience in network security analysis.
Cisco certification (CCNA, CCNP, or higher) required.

Nice To Haves

Wireshark Expertise - Mastery of capture, filtering, and protocolâspecific dissectors; ability to develop custom dissectors and custom scripts.
Intrusion Detection Design - Create and maintain signatureâbased and anomalyâbased detection rules, integrate with IDS/IPS platforms (e.g., Snort).
Automated Analysis Pipelines - Build containerized workflows (Docker/Kubernetes) that ingest PCAP streams, extract features, and feed ML models for threat classification.
Network Performance Optimization - Minimize latency and maximize throughput while ensuring packetâcapture fidelity on highâspeed links.
DataâFlow Management - Engineer endâtoâend data pipelines using Apache Kafka, or Spark to handle realâtime traffic analytics.
AI/ML Integration - Apply supervised and unsupervised learning (e.g., deep packet inspection, clustering) to detect zeroâday patterns.
Protocol Suites - Deep knowledge of TCP/IP, UDP, TLS/SSL, HTTP/2, DNS, SIP, and emerging protocols (QUIC, MQTT).
Device Hardening - Experience securing routers, switches, and firewalls (Cisco IOS/NXâOS, Arista EOS) to meet stringent DoD security standards.
Network Services - Proficient in configuring VPN, QoS, VLANs, network slicing, and segmentation for secure traffic isolation.
Troubleshooting Tools - Advanced use of Wireshark, TShark, Tcpdump, NetFlow, suite for packetâlevel diagnostics.
Scripting & Automation - Python, Bash, PowerShell for rapid development of analysis scripts and CI/CD pipelines.

Responsibilities

Provide endâtoâend lifecycle services that enable our Cyber & Intelligence mission to detect, analyze, and mitigate advanced threats against critical communications and SIGINT midpoint collection systems.
Modernize and sustain intrusionâdetection capabilities by designing, integrating, and enhancing Wiresharkâbased analysis pipelines, automated signature generation, and realâtime alerting for highâthroughput data streams.
Drive the next phase of productâsuite modernization by leveraging containerization, cloudânative processing, dataâflow orchestration, and AI/MLâassisted anomaly detection to surface malicious activity faster and at scale.
Safeguard the networks that move financial assets, healthcare data, critical infrastructure controls, and energy flow every minute.
Work sideâbyâside with worldâclass cyberâsecurity professionals on the front lines of threat hunting, packet analysis, and proactive defense.
Apply the full depth of Lockheedâ¯Martin's resources-advanced labs, AI research, and global threat intel-to keep adversaries at bay.