Fort Meade, MD, 20755, USA
Cybersecurity SME – Network & Threat Detection
Ft. Meade, MD

POSITION SUMMARY:

Founded in 2001, Indigo IT is an award-winning information technology consulting and services company. We are a trusted services provider to government agencies seeking innovative Cloud, Cybersecurity, Knowledge Management, and Enterprise solutions. We know our defense, federal, and civilian customers have critical IT infrastructures that must remain reliable, available, and maximized. Indigo IT is mission focused and committed to maintaining a sense of urgency in anticipating and supporting our customers’ technology goals and objectives. Our unique ability to think beyond today allows our clients to stay ahead of their IT challenges. As a Veteran-Friendly employer, we are proudly partnered with the Virginia Values Veterans (V3) Program, and a recipient of the HIRE Vets Gold Medallion Award, which recognizes our commitment to recruiting our nation’s Veterans. Recognized on the Inc. 5000 list of America’s fastest growing companies in 2020 & 2021 and named one of the 2022 Best Places to Work in Virginia, we are always looking to hire top talent in the field. Come join us today!

We are seeking a highly skilled Cybersecurity SME – Network & Threat Detection to support advanced cyber sensing and threat detection initiatives within the Department of Defense (DoD). This role will focus on Intrusion Detection Systems (IDS), Open Sensor Platform (OSP), Full Packet Capture (FPCAP), and Automated Security Validation (ASV) to enhance the DoD’s ability to detect, analyze, and respond to cyber threats in real time. The ideal candidate will have deep expertise in network security, cyber threat intelligence, AI-driven detection tools, and large-scale sensor deployments. They will work closely with cyber operations teams, engineers, and program managers to optimize cybersecurity capabilities across multiple locations.
Key Responsibilities:
+ Lead the design, deployment, and maintenance of cyber sensing technologies, including OSP, FPCAP, ASV, and IDS.
+ Support advanced threat detection capabilities, including the identification of zero-day, polymorphic, and fileless malware.
+ Leverage AI-driven tools (BluVector) and Machine Learning (ML) classifiers for real-time threat analysis.
+ Manage network and file content visibility through Zeek (Bro), ClamAV, YARA rules, and File Reputation Engines.
+ Develop and implement detection signatures, scripts, and automated correlation of threat intelligence data.
+ Ensure full packet capture (FPCAP) data collection, storage, and retrieval for forensic investigations.
+ Integrate Zeek metadata and NetFlow logs into the SIEM ingestion pipeline (Splunk, Kafka, syslog) for comprehensive threat monitoring.
+ Collaborate with DISA, the Joint Cyber Implementation Program (JCIP), and other DoD cyber units to implement and improve cyber defenses.
+ Provide Tier II/III support for IDS operations, overseeing 336+ sensors and multiple management consoles across key DoD sites.
+ Support the modernization of cyber sensor platforms, including virtualization, cloud migration, and centralized management of security tools.
+ Ensure compliance with DoD cybersecurity policies, frameworks, and accreditation requirements.

Required Qualifications:
+ 10+ years of experience in cybersecurity, network security, or cyber threat detection.
+ Deep expertise in Intrusion Detection Systems (IDS), Full Packet Capture (FPCAP), and cyber threat analysis.
+ Strong experience with Zeek (Bro), Splunk, SIEM integration, and NetFlow analytics.
+ Hands-on experience with malware detection technologies (BluVector, ClamAV, YARA, File Reputation Engines).
+ Proficiency in packet analysis, network forensics, and AI/ML-driven threat detection.
+ Experience with COTS cyber solutions, including BluVector, Endace, and other sensor platforms.
+ Knowledge of cloud security, virtualization of security sensors, and DoD security architectures.
+ Familiarity with federal cybersecurity compliance (NIST, RMF, DISA STIGs, and DoD ATO processes).
+ Strong scripting and automation skills (Python, Bash, or PowerShell) for security analysis and sensor tuning.
+ Active DoD Top Secret clearance.

Preferred Qualifications:
+ Experience with Kafka, syslog, and SIEM data forwarding.
+ Knowledge of Red Team/Blue Team methodologies and Breach & Attack Simulation (BAS).
+ Understanding of cloud migration for cybersecurity operations (AWS, Azure, or DoD Cloud).
+ Relevant cybersecurity certifications such as CISSP, CEH, GCIA, GCIH, or OSCP.

At Indigo IT, we offer an expansive benefits package for our employees, which includes Medical, Dental, and Vision coverage options. In addition, we offer 401(k) with company match, Group life and disability, Flex Spending Accounts (FSA), Paid Time Off (PTO), Paid holidays, and Education assistance. We also have in-house training programs for employees, and we reward thought leadership with bonuses and recognition for publishing, speaking, and innovative thought leadership in our industry.

Indigo IT is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. This employer uses E-Verify.