Modernization Cyber Network Intrusion Packet​/Protocol Engineer - NE

Modernization Cyber Network Intrusion Packet / Protocol Engineer - NE3

Lockheed Martin

Part‑time (≈50%) position driving next‑generation, high‑throughput, AI‑enhanced packet‑level analysis for nation‑critical SIGINT and cyber‑defense missions.

End‑to‑end lifecycle analysis: design, develop, and maintain custom Wireshark dissectors, scripts, and protocol‑specific analytic pipelines to process massive PCAP streams.

Modernization at scale: leverage containerization (Docker/Kubernetes), cloud‑native data‑flows (Kafka, Spark), and AI/ML models to detect protocol‑level threats faster than ever.

Mission impact: safeguard critical‑infrastructure controls, energy flow, and high‑value networks that drive the nation’s digital lifelines every minute.

• Write C‑based Wireshark plugins and scripts to expose hidden protocol fields.
• Create Docker/Kubernetes‑orchestrated workflows that ingest PCAP streams, extract features, and feed ML classifiers.
• Design high‑throughput pipelines using Apache Kafka or Spark for real‑time analytics.
• Apply supervised/unsupervised learning (deep packet inspection, clustering) to spot zero‑day patterns.
• Develop Python, Bash, Power Shell tools for rapid prototyping, CI/CD, and reporting.

As a Network Intrusion Detection Engineer, safeguard networks that move financial assets, healthcare data, critical infrastructure controls, and energy flow every minute; collaborate with world‑class cyber‑security professionals on threat hunting, packet analysis, and proactive defense; apply Lockheed Martin’s advanced labs, AI research, and global threat intel to neutralize adversaries.

• Wireshark mastery: expert in capture, filtering, and protocol‑specific dissectors; ability to develop custom scripts and Wireshark plug‑ins.
• Protocol deep‑dive: in‑depth knowledge of TCP/IP, UDP, TLS/SSL, HTTP/2, DNS, SIP, and emerging protocols; ability to reverse‑engineer undocumented fields.
• Custom dissector development: write C dissectors to expose hidden protocol data; integrate them into automated analysis pipelines.
• Automated analysis pipelines: build containerized workflows (Docker/Kubernetes) that ingest PCAP streams, extract features, and feed ML models for threat classification.
• Data‑flow management: engineer end‑to‑end data pipelines using Apache Kafka or Spark to handle real‑time traffic analytics at high speed rates.
• AI/ML integration: apply supervised and unsupervised learning (deep packet inspection, clustering) to detect zero‑day patterns within protocol traffic.
• Scripting & automation:
  Python, Bash, Power Shell for rapid development of analysis scripts, CI/CD pipelines, and report generation.
• Expert in packet analysis.
• Experience with different algorithms used in different networks and manufacturer equipment.

By applying, you indicate interest in this role and may be considered for other opportunities that match your skills and experience. Future openings are expected in 2025 or early 2026; this requisition is used for contingent offers.

Full‑time onsite: work at a designated Lockheed Martin facility.