Cyber Engineer - Advanced Cyber Training Environments

• Engineer and deploy cyber training environments using VMs, containers, and SDN across hybrid, edge, and cloud infrastructures.
• Implement traffic simulations (burst, steady-state, geo-distributed, adversarial, AI/ML-driven) to emulate realistic user/system behavior.
• Develop frameworks for orchestrating non-player character (NPC) activity and user emulation across IT and OT domains.
• Integrate AI-based traffic generation and host-level user emulation for enhanced realism.
• Build observability pipelines for traffic replay, metrics collection, autoscaling validation, and centralized logging.
• Execute full-spectrum threat campaigns using open-source offensive tools to support blue team training.
• Integrate threat intelligence feeds and adversarial emulation to reflect current TTPs.
• Deploy and maintain defensive toolsets for network monitoring, incident detection, and response.
• Develop infrastructure-as-code and network-as-code solutions integrated with CI/CD and SecDevOps workflows.
• Integrate third-party tools to enhance training realism and operational fidelity.
• Administer and secure private cloud stacks, closed-loop networks, and critical infrastructure venues.
• Manage network/server infrastructure including AD, firewalls, hypervisors, and identity management systems.
• Support cyber exercises and events including setup, execution, troubleshooting, and close-out.
• Participate in technical working groups and customer engagements to validate and improve cyber training environments.
• Apply hands-on experience with OT systems including SCADA, HMIs, ICS, DCS, PLCs, RTUs, IoT, and IIoT devices.

• Traffic Simulation & User Emulation: Lariat, CMU GHOSTS, MITRE Caldera, Red Canary, Atomic Red Team, TRex, BreakingPoint, Locust, k6, custom Python/TypeScript scripts, AI-enabled agents
• Security Monitoring & Logging: Splunk, Wazuh, Elastic Stack, Security Onion, Endgame, Velociraptor
• Threat Emulation & Red Team Tools: Kali Linux, Metasploit, Cobalt Strike (open-source equivalents), custom adversarial scripts
• Virtualization & Containerization: AWS, Azure, VMware vSphere/vCenter, Tanzu Kubernetes Grid (TKG), Proxmox, RKE2, Harvester
• Infrastructure Automation: Terraform, Ansible, Helm, Nomad
• Identity & Access Management: Red Hat IDM, Red Hat SSO, Active Directory (GPOs, tiered admin scripts)
• Networking & SDN: VMware NSX-T, VLANs, VPNs, dynamic networking tools
• Compliance & Assurance: NIST 800-series, ISO 27001, FedRAMP, CUI-compliant controls
• Monitoring & Control Interfaces: Custom dashboards for exercise operations, centralized scenario orchestration

• Bachelor's or Master's degree in Cybersecurity, Computer Engineering, or related field.
• 5+ years of experience in cyber engineering, network operations, or cyber range development.
• Top Secret security clearance.
• Proficiency in virtualization, containerization, and cloud technologies.
• Experience with offensive and defensive cybersecurity tools and frameworks.
• Familiarity with AI/ML integration in cyber environments.
• Strong scripting and automation skills (e.g., Python, Bash, PowerShell).
• Experience with infrastructure-as-code tools (e.g., Terraform, Ansible).
• Knowledge of OT systems and protocols.
• Security certifications (e.g., CISSP, CEH, OSCP) are a plus.

Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds, but may vary depending on the position. Regular and predictable attendance is essential.

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status, and any other characteristic protected by federal, state, and local law.

If you are unable to apply through the portal and need to speak to someone about necessary accommodations to apply, please email accommodation@idsinternational.com and we will follow up with you. Do not submit resumes and applications through this email.