Cyber Security Engineer - OpenNMS
Fulltime position
San Antonio, TX (100% Onsite) - 2nd Shift- Mon thru Fri 2 pm to 10 pm
Must have Active Secret
SECRET A MUST
must have one of those certs
100% onsite in San Antonio, TX
some kind of incident response, Soc or the like AND MUST HAVE OPENMS (might be OPEN NMS)
EDUCATION LEVEL: Bachelor's degree and 4 years of related experience, or Master's degree with 2 years of related experience. Additional experience, education and training may be considered in lieu of degree.
We have a permanent position for a Information Cyber Security Engineer in San Antonio, TX - 100% onsite. You must have an active SECRET to apply. This role is 2nd shift - Mon thru Fri 2 pm to 10 pm. If interested, SEND RESUME.
We are seeking a Cybersecurity Engineer with strong OpenNMS experience to support enterprise-scale network visibility, threat detection, and infrastructure resilience. This role focuses on using OpenNMS (Horizon or Meridian) as a critical cybersecurity-enabling platform to detect anomalous behavior, support incident response, and enhance situational awareness across complex network environments.
The ideal candidate will have a strong foundation in network security, monitoring, and performance management, and will work closely with Security Operations (SOC), Network Operations (NOC), and Infrastructure teams to detect, analyze, and respond to security-relevant events.
Key Responsibilities
Cybersecurity & Monitoring
- Configure, maintain, and optimize OpenNMS to monitor network availability, performance, and security-relevant events
- Develop alerts and thresholds to identify suspicious network behavior, outages, and anomalies
- Correlate OpenNMS alerts with security incidents and infrastructure changes
- Support early detection of potential DDoS attacks, network abuse, misconfigurations, and service disruptions
- Perform root-cause analysis for network and security events
Incident Response & Threat Analysis
- Assist SOC and Incident Response teams with:
- Network telemetry analysis
- Timeline reconstruction using historical performance data
- Identification of impacted systems and traffic paths
- Escalate high-risk events and provide actionable intelligence to security leadership
- Support post-incident reviews and mitigation planning
Integration & Automation
- Integrate OpenNMS with:
- SIEM platforms (e.g., Splunk, Elastic, QRadar)
- Ticketing systems (e.g., ServiceNow, Jira)
- NetFlow/IPFIX collectors
- Develop scripts or APIs to automate alerting, reporting, or data sharing
Asset Visibility & Compliance
- Maintain accurate network asset discovery and inventory
- Identify unauthorized or misconfigured devices and services
- Support compliance audits by providing monitoring and availability evidence
- Contribute to the continuous improvement of network security posture
REQUIRED SKILLS/EXPERIENCE:
- DoD-8570 IAT Level 2 certification (Security+ CE, CCNA Security, GSEC, or SSCP) within 6 months of hire date.
- Experience in Cybersecurity, Network Engineering, or Network Monitoring.
- Hands-on experience deploying, scaling administering OpenNMS (Horizon or Meridian)
- Strong understanding of:
- TCP/IP, DNS, DHCP, VLANs, routing, and switching
- SNMP, ICMP, NetFlow, WMI
- Experience with security concepts including:
- Network-based attacks (DDoS, scanning, lateral movement)
- Defense-in-depth architecture
- Familiarity with Linux systems administration
- Experience working with SOC/NOC or incident response teams
Tools & Technologies
- OpenNMS Horizon / Meridian
- SNMP, NetFlow, IPFIX
- Linux (RHEL, Ubuntu, CentOS)
- SIEM platforms (Splunk, Elastic, QRadar)
- Ticketing systems (ServiceNow, Jira)
- Git, REST APIs, scripting tools
Soft Skills
- Strong analytical and troubleshooting skills
- Ability to communicate technical findings to security and leadership teams
- Collaborative mindset across SecOps, NetOps, and Infrastructure
- Attention to detail and proactive problem-solving
DESIRED SKILLS/EXPERIENCE:
- RHCSA (Red Hat Certified System Administrator) or RHCE (Red Hat Certified Engineer).
- Advanced CLI troubleshooting, RHEL Linux environments, systems configuration, package management, kernel parameter tuning, firewall management (firewalls/IP tables)
- Advanced Bash/Python scripting for automation.
- Configuring data collection (SNMPv3, WMI, JMX)
- Setting up distributed monitoring using OpenNMS Minions, Kafka integration, and managing thresholds/alarms.
- Experience integrating OpenNMS with SIEM or SOAR platforms
- Understanding of security frameworks (NIST CSF, ISO 27001, CIS Controls)
EDUCATION LEVEL: Bachelor's degree and 4 years of related experience, or Master's degree with 2 years of related experience. Additional experience, education and training may be considered in lieu of degree.
Ayush Sharma Sr. US Technical Recruiter
| Ext:149
| G-talk:
