REQUIRES AN ACTIVE EXISTING TS/SCI WITH CI POLYGRAPH - NO REMOTE WORK MUST WORK ON SITE
We are seeking a highly skilled Arkime (formerly Moloch) Implementation & Sustainment Engineer to design, deploy, operate, and enhance our enterprise packet-capture and deep network visibility capability. The ideal candidate combines hands-on Arkime expertise with strong Zero Trust engineering principles to support threat detection, forensics, segmentation, and continuous monitoring across a complex, distributed environment. You will directly improve the organization's ability to detect threats early, respond faster, and understand network behavior at scale, ensuring that identity-driven, least-privilege policies are backed by deep telemetry and forensic depth.
This role will drive full-lifecycle engineering, from architecture and deployment to tuning, integrations, sustainment, and long-term optimization, while partnering with cross-functional security, network, and platform teams.
Key Responsibilities:
Architect, deploy, and configure Arkime clusters, capture nodes, viewer nodes, and storage subsystems.
Design packet capture strategies aligned to network topology, mission requirements, and Zero Trust monitoring needs.
Develop and automate deployment workflows using scripts, orchestration tools, and configuration management.
Integrate Arkime with SIEM, SOAR, EDR, and threat intel platforms to enrich detection and investigation workflows.
Conduct regular tuning of parsers, views, tags, and sessions to support detection engineering and threat hunting.
Perform version upgrades, patching, configuration changes, data lifecycle management, and log retention optimization.
Align Arkime data capture with Zero Trust Architecture (ZTA) telemetry requirements.
Support development of visibility baselines, identity-aware policies, and segmentation enforcement strategies.
Work with network engineering, cloud engineering, and security operations to ensure end-to-end telemetry coverage.
Develop dashboards, queries, workflows, and documentation for SOC detection engineers and incident responders.
Provide training, playbooks, and technical expertise to internal engineering and operations teams.
Basic Qualifications:
5 years of experience in cybersecurity, network security engineering, or security operations.
Strong background in packet analysis, PCAP management, DPI technologies, and network protocols (TCP/IP, DNS, TLS, HTTP, etc.).
Familiarity with Suricata, Zeek, or other packet/flow analysis platforms.