Network IDS Engineer

ETeam Inc
Knutsford, United Kingdom
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 109K

Job location

Remote
Knutsford, United Kingdom

Tech stack

Network Address Translation
Intrusion Detection and Prevention
Intrusion Detection Systems
Python
Routing
Packet Analyzer
Security Information and Event Management
Systems Integration
TCP/IP
Tcpdump
Traffic Analysis
Wireshark
Virtual Local Area Networks
Snort (Software)
Firepower
REST
Cisco networks

Job description

  • The IDS Engineer is responsible for operating, tuning, and enhancing the organisation's Intrusion Detection and Prevention (IDS/IPS) platforms. The role ensures that network and security telemetry is accurately collected, analysed, and actioned to maintain strong detection capability and timely response to threats.
  • Maintain and support the IDS/IPS platforms, ensuring sensors, signatures, and feeds are up-to-date and functioning correctly.
  • Perform ongoing tuning of detection rules and signatures to reduce noise, minimise false positives, and improve detection accuracy.
  • Work closely with SOC analysts to investigate suspicious activity, provide packet-level analysis, and support incident triage and escalation.
  • Configure and maintain traffic capture and mirroring tools (e.g., network taps, packet brokers) to ensure appropriate visibility across critical network segments.
  • Validate and deploy new signatures, behavioural detections, and rule updates across IDS/IPS platforms.
  • Monitor platform health, performance, and capacity, raising remediation actions as required.
  • Contribute to the development of detection logic based on new threats, IOCs, and intelligence feeds.
  • Document changes, detection tuning decisions, and improvements to ensure traceability and operational readiness.

Requirements

  • Hands-on experience with IDS/IPS technologies such as Snort, Suricata, Zeek, Cisco Firepower, Palo Alto Threat Prevention, or equivalent.
  • Strong packet capture and traffic analysis skills using tools like Wireshark, tcpdump, or similar.
  • Solid understanding of core network fundamentals (TCP/IP, layer 2/3 protocols, routing, VLANs, NAT).
  • Experience working with SIEM platforms and integrating/forwarding IDS logs for analysis and correlation.
  • Ability to write, modify, or tune signatures and rules based on threat behaviour and network context.

Desirable

  • Experience with automation (Python, REST APIs) for deploying signatures or collecting IDS metrics.
  • Familiarity with threat intelligence concepts and IOC mapping.
  • Certifications such as GCIA, GCIH, CCNA Security, or equivalent.

About the company

Knutsford, Cheshire - £420 per day through FCSA Umbrella Contract
Posted by: eTeam Workforce Limited
Posted: Monday, 9 March 2026

We are a Global Recruitment specialist that provides support to clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you.
