Linux Network Security Engineer
Company: Booz Allen Hamilton
Location: Reston
Posted on: April 4, 2026
|
|
|
Job Description:
Linux Network Security Engineer The Opportunity: We are seeking
a seasoned Endace Implementation and Sustainment Engineer to
architect, deploy, integrate, and operate Endace packet capture,
monitoring, and network recording platforms across a large,
distributed enterprise. The ideal candidate has deep experience in
network forensics, packet analytics, and telemetry architecture,
combined with hands-on familiarity supporting Zero Trust visibility
and segmentation strategies. This role owns the end-to-end
lifecycle for Endace systems, including design, installation,
configuration, maintenance, and long-term optimization, while
integrating the platform with SIEM or SOAR, detection engineering,
analytics tooling, and broader Zero Trust security controls. You
will lead the design, deployment, and configuration of Endace
appliances for enterprise-scale packet capture. You will develop
packet capture strategies aligned to network architecture, mission
requirements, and Zero Trust visibility controls. You will be
building high-availability, scalable, and resilient Endace clusters
across data centers and cloud-connected environments. You will
integrate Endace with analytics ecosystems. You will be maintaining
and tuning Endace hardware and software for optimal performance,
including upgrades, patching, sensor tuning, and storage lifecycle.
You will be troubleshooting packet loss, timing drift, flow
indexing issues, clock synchronization, and performance
bottlenecks. You will be monitoring device health, capacity, and
telemetry fidelity to ensure consistent and forensically sound data
capture. You will be managing PCAP retention strategies, indexing
policies, and storage allocation across distributed deployments.
You will be aligning Endace visibility architecture with Zero Trust
telemetry requirements and continuous verification workflows. You
will ensure packet capture and telemetry support identity-aware
network segmentation and policy enforcement. You will support the
development of traffic baselines, segmentation decisions, and
enforcement models using Endace data. You will automate deployment,
configuration, and sustainment workflows using Ansible, Terraform,
or scripting. Building dashboards, runbooks, playbooks, and
investigation workflows for SOC, threat hunters, and IR teams. You
will partner with network engineering, cloud teams, and security
operations to ensure full-spectrum telemetry coverage. You will
deliver training and guidance to operational teams on Endace
platform usage and best practices. Join us. The world can't wait
You Have: 5 years of experience in cybersecurity engineering, Linux
system administration, network security, or SOC tooling Experience
supporting regulated or high-security environments Experience with
PowerShell, Bash, Python, or Ansible Experience integrating packet
capture tools with SIEMs, SOAR tools, and investigation platforms
Knowledge of core network protocols Active TS/SCI clearance;
willingness to take a polygraph exam Associate’s degree and 5 years
of experience supporting IT projects and activities, Bachelor’s
degree and 3 years of experience supporting IT projects and
activities, Master’s degree and 1 year of experience supporting IT
projects and activities, or 7 years of experience supporting IT
projects and activities in lieu of degree DoD 8570.01-M Information
Assurance Technician (IAT) Level II Certification, including
Security CE, CCNA-Security, GSEC, SSCP, CySA, GICSP, or CND
Certification Ability to obtain a DoD 8570.01-M Cybersecurity
Service Provider - Infrastructure Support Certification, including
CEH, CHFI, CFR, Cloud, or CND certification within 30 days of start
date Nice If You Have: Experience deploying, configuring, and
managing Endace DAG and EndaceProbe solutions in production
Experience leading architecture conversations and driving platform
strategy Experience with complementary network tools Experience
with cloud networking and packet capture strategies in AWS, Azure,
or GCP Knowledge of packet analysis, network forensics, deep packet
inspection, and PCAP workflows Ability to collaborate with
cross-functional technical and non-technical stakeholders
Possession of strong analytical and problem-solving skills
Possession of excellent communication and documentation skills
CISSP, GCIA, GNFA, GCIH, or other Certification Clearance:
Applicants selected will be subject to a security investigation and
may need to meet eligibility requirements for access to classified
information; TS/SCI clearance is required. Compensation At Booz
Allen, we celebrate your contributions, provide you with
opportunities and choices, and support your total well-being. Our
offerings include health, life, disability, financial, and
retirement benefits, as well as paid leave, professional
development, tuition assistance, work-life programs, and dependent
care. Our recognition awards program acknowledges employees for
exceptional performance and superior demonstration of our values.
Full-time and part-time employees working at least 20 hours a week
on a regular basis are eligible to participate in Booz Allen’s
benefit programs. Individuals that do not meet the threshold are
only eligible for select offerings, not inclusive of health
benefits. We encourage you to learn more about our total benefits
by visiting the Resource page on our Careers site and reviewing Our
Employee Benefits page. Salary at Booz Allen is determined by
various factors, including but not limited to location, the
individual’s particular combination of education, knowledge,
skills, competencies, and experience, as well as contract-specific
affordability and organizational requirements. The projected
compensation range for this position is $99,000.00 to $225,000.00
(annualized USD). The estimate displayed represents the typical
salary range for this position and is just one component of Booz
Allen’s total compensation package for employees. This posting will
close within 90 days from the Posting Date. Identity Statement As
part of the hiring process, we will ask you to complete an identity
verification process that leverages advanced biometrics and
artificial intelligence to ensure authenticity and protect against
identity fraud. You are expected to be on camera during interviews
and assessments. We reserve the right to take your picture to
verify your identity and prevent fraud. Candidate AI Usage Policy
AI is a part of our daily work at Booz Allen, and we are committed
to the responsible and ethical use of AI tools. However, we want to
ensure a fair candidate process based on your own skills and
knowledge. As part of this commitment, the use of artificial
intelligence (AI) or other tools to assist with responses during
interviews (whether in-person or virtual) is prohibited unless
permission is explicitly provided . Work Model Our people-first
culture prioritizes the benefits of collaboration, whether it
occurs in person or virtually. To support engagement and effective
communication, employees working virtually are generally expected
to have their cameras on during meetings. Remote : If this position
is listed as remote, there may still be occasions when you are
required to work in person at a Booz Allen or customer facility.
Hybrid : If this position is listed as hybrid, you will be expected
to work from a Booz Allen facility frequently, in alignment with
leadership expectations and the needs of the role. You may also be
required to work from or visit a customer facility. Onsite : If
this position is listed as onsite, work will primarily be performed
at a Booz Allen office or customer facility, where employees will
collaborate directly with colleagues and customers as required by
the role. Commitment to Non-Discrimination All qualified applicants
will receive consideration for employment without regard to
disability, status as a protected veteran or any other status
protected by applicable federal, state, local, or international
law.
Keywords: Booz Allen Hamilton, Lancaster , Linux Network Security Engineer, Engineering , Reston, Pennsylvania
