IDS Operations Engineer

Description

• About the Opportunity We are seeking an IDS Operations Engineer to join a high-performing enterprise security operations environment focused on protecting large-scale infrastructure against evolving cyber threats. This role is ideal for security professionals who enjoy hands-on operational work threat analysis incident response and continuous improvement of enterprise detection capabilities.
• The engineer will work closely with Security Operations Network Security Engineering and Incident Response teams to monitor investigate tune and support enterprise Intrusion Detection Systems (IDS) across complex production environments. This opportunity provides strong exposure to real-world enterprise security operations modern detection tooling and advanced troubleshooting within mission-critical environments.
• This role offers growth opportunities across both operational security monitoring and advanced IDS engineering functions. What Youll Be DoingIDS Monitoring & Security Operations

• Monitor and analyze IDS alerts across enterprise environments
• Perform initial triage and validation of security events
• Distinguish false positives from legitimate threats and suspicious activity
• Investigate alerts using operational procedures runbooks and security tooling
• Track and manage incidents through established operational workflows
• Escalate complex security events with clear technical documentation and findings Advanced IDS Engineering & Threat Analysis
• Perform deep analysis and troubleshooting of escalated IDS incidents
• Tune IDS rules signatures and detection policies to improve detection quality and reduce false positives
• Troubleshoot blocked traffic signature conflicts and policy-related issues
• Support implementation of approved IDS configuration changes and platform updates
• Participate in root cause analysis (RCA) and continuous improvement initiatives
• Collaborate with engineering and security teams to strengthen enterprise detection capabilities What Were Looking ForRequired Experience
• Strong understanding of:
  • Network security fundamentals
  • Intrusion Detection Systems (IDS)
  • Security operations processes
  • Threat detection and incident response
• Experience working with:
  • Fortinet security technologies
  • SIEM platforms such as Splunk
  • Enterprise monitoring and alerting tools
• Familiarity with:
  • Incident management workflows
  • ITSM tooling
  • Escalation procedures
  • Operational runbooks and SOPs
• Strong troubleshooting analytical and problem-solving skills
• Ability to communicate effectively during operational incidents and escalations Preferred Experience
• Experience working within 24x7 Security Operations Center (SOC) environments
• IDS rule tuning and alert optimization experience
• Exposure to policy management and detection engineering
• Experience participating in incident investigations and root cause analysis
• Ability to work effectively across security infrastructure and engineering teams