Cybersecurity/IDS Engineer Lead
Job description
The Systems Engineer III - IDS Lead serves as the senior technical authority for Intrusion Detection Systems (IDS) supporting DISA's enterprise sensing environment. This role leads operational sustainment, Tier 2 support, system integration, configuration management, and performance optimization activities to ensure IDS capabilities remain reliable, secure, and mission-ready. The IDS Lead works closely with Government stakeholders, cybersecurity teams, engineering leadership, and operations personnel to maintain and enhance IDS platforms and ensure effective integration with other enterprise sensing capabilities.
ESSENTIAL FUNCTIONS/RESPONSIBILITIES:
- Serve as the technical lead for Tier-II IDS operations, ensuring the availability, stability, and operational effectiveness of the Cisco Firepower sensor grid.
- Lead advanced Tier-II troubleshooting of the FMCs and sensors, including root cause analysis of outages, performance degradation, and data flow issues.
- Monitor the health and status of all 336 sensors and 8 FMCs, proactively identifying and resolving issues before they cause a mission impact.
- Formally escalate all issues requiring baseline configuration changes, deep engineering, or vendor bug fixes to the designated Tier-III CSSP provider, providing detailed technical findings to support the handoff.
- Support the development and maintenance of Tier-II standard operating procedures (SOPs), incident response playbooks, and operational documentation for the Cisco Firepower environment.
- Support cybersecurity scanning (ACAS) and remediation activities on IDS lab equipment to maintain the system's Authority to Operate (ATO).
- Collaborate with security and compliance teams to support continuous monitoring and POA&M tracking for the IDS baseline.
- Coordinate with the Tier-III provider to support the deployment of Cisco Firepower software patches, signature updates (SRUs), and vulnerability database (VDB) updates across the enterprise.
- Maintain and update system documentation, including network diagrams, inventory records, and the Master Site POC list.
- Provide mentoring and technical guidance to junior Systems Engineers supporting IDS operations.
- Act as the primary technical point of contact for Government stakeholders regarding the operational status and Tier-II sustainment of the IDS service.
- Participate in technical discussions, reviews, and briefings related to IDS operations.
Requirements
- Active DoD Secret clearance (Required).
- Ten (10) or more years of experience in systems engineering or network security roles supporting large-scale DoD enterprise environments.
- Demonstrated hands-on experience managing, sustaining, and troubleshooting Cisco Firepower Threat Defense (FTD) and Firepower Management Center (FMC) is highly required.
- Strong understanding of network intrusion detection principles, signature-based alerting, and packet analysis.
- Strong hands-on experience with Linux systems, virtualization, and enterprise networking concepts (routing, switching, TCP/IP).
- Proven experience performing Tier-II operational support in a 24/7 environment, including managing incidents and trouble tickets via an ITSM platform (e.g., ServiceNow, Remedy).
- Familiarity with cybersecurity compliance, including ACAS/Nessus scanning, STIGs, and POA&M management.
- Ability to lead a small technical team, manage priorities, and coordinate across multiple government and contractor teams.
- Cisco Certified CyberOps Professional, CCNP Security, or equivalent industry certification is highly desired.
- Strong written and verbal communication skills.
Benefits & conditions
At Indigo IT, we offer an expansive benefits package for our employees, which includes: Medical, Dental, and Vision coverage options. In addition, we offer 401(k) with company match, Group life and disability, Flex Spending Accounts (FSA), Paid Time Off (PTO), Paid holidays, and Education assistance. We also have in-house training programs for employees, and we reward thought leadership with bonuses and recognition for publishing, speaking, and innovative thought leadership in our industry.