Haystack
← Back to Jobs
Technology

Information Cyber Security Engineer(OpenNMS) - San Antonio, TX (100% Onsite) - Active Secret

Stellent IT LLCSan Antonio, TX🇺🇸United StatesPosted 14 Jul 2026

Quick Overview

Work Type
On Site
Level
Mid Senior

Job Description

Cyber Security Engineer - OpenNMS

Fulltime position

San Antonio, TX (100% Onsite) - 2nd Shift- Mon thru Fri 2 pm to 10 pm

Must have Active Secret

SECRET A MUST
must have one of those certs
100% onsite in San Antonio, TX

some kind of incident response, Soc or the like AND MUST HAVE OPENMS (might be OPEN NMS)

EDUCATION LEVEL: Bachelor's degree and 4 years of related experience, or Master's degree with 2 years of related experience. Additional experience, education and training may be considered in lieu of degree.


We have a permanent position for a Information Cyber Security Engineer in San Antonio, TX - 100% onsite. You must have an active SECRET to apply. This role is 2nd shift - Mon thru Fri 2 pm to 10 pm. If interested, SEND RESUME.

We are seeking a Cybersecurity Engineer with strong OpenNMS experience to support enterprise-scale network visibility, threat detection, and infrastructure resilience. This role focuses on using OpenNMS (Horizon or Meridian) as a critical cybersecurity-enabling platform to detect anomalous behavior, support incident response, and enhance situational awareness across complex network environments.

The ideal candidate will have a strong foundation in network security, monitoring, and performance management, and will work closely with Security Operations (SOC), Network Operations (NOC), and Infrastructure teams to detect, analyze, and respond to security-relevant events.

Key Responsibilities

Cybersecurity & Monitoring

  • Configure, maintain, and optimize OpenNMS to monitor network availability, performance, and security-relevant events
  • Develop alerts and thresholds to identify suspicious network behavior, outages, and anomalies
  • Correlate OpenNMS alerts with security incidents and infrastructure changes
  • Support early detection of potential DDoS attacks, network abuse, misconfigurations, and service disruptions
  • Perform root-cause analysis for network and security events

Incident Response & Threat Analysis

  • Assist SOC and Incident Response teams with:
    • Network telemetry analysis
    • Timeline reconstruction using historical performance data
    • Identification of impacted systems and traffic paths
  • Escalate high-risk events and provide actionable intelligence to security leadership
  • Support post-incident reviews and mitigation planning

Integration & Automation

  • Integrate OpenNMS with:
    • SIEM platforms (e.g., Splunk, Elastic, QRadar)
    • Ticketing systems (e.g., ServiceNow, Jira)
    • NetFlow/IPFIX collectors
  • Develop scripts or APIs to automate alerting, reporting, or data sharing

Asset Visibility & Compliance

  • Maintain accurate network asset discovery and inventory
  • Identify unauthorized or misconfigured devices and services
  • Support compliance audits by providing monitoring and availability evidence
  • Contribute to the continuous improvement of network security posture

REQUIRED SKILLS/EXPERIENCE:

  • DoD-8570 IAT Level 2 certification (Security+ CE, CCNA Security, GSEC, or SSCP) within 6 months of hire date.
  • Experience in Cybersecurity, Network Engineering, or Network Monitoring.
  • Hands-on experience deploying, scaling administering OpenNMS (Horizon or Meridian)
  • Strong understanding of:
    • TCP/IP, DNS, DHCP, VLANs, routing, and switching
    • SNMP, ICMP, NetFlow, WMI
  • Experience with security concepts including:
    • Network-based attacks (DDoS, scanning, lateral movement)
    • Defense-in-depth architecture
  • Familiarity with Linux systems administration
  • Experience working with SOC/NOC or incident response teams

Tools & Technologies

  • OpenNMS Horizon / Meridian
  • SNMP, NetFlow, IPFIX
  • Linux (RHEL, Ubuntu, CentOS)
  • SIEM platforms (Splunk, Elastic, QRadar)
  • Ticketing systems (ServiceNow, Jira)
  • Git, REST APIs, scripting tools

Soft Skills

  • Strong analytical and troubleshooting skills
  • Ability to communicate technical findings to security and leadership teams
  • Collaborative mindset across SecOps, NetOps, and Infrastructure
  • Attention to detail and proactive problem-solving

DESIRED SKILLS/EXPERIENCE:

  • RHCSA (Red Hat Certified System Administrator) or RHCE (Red Hat Certified Engineer).
  • Advanced CLI troubleshooting, RHEL Linux environments, systems configuration, package management, kernel parameter tuning, firewall management (firewalls/IP tables)
  • Advanced Bash/Python scripting for automation.
  • Configuring data collection (SNMPv3, WMI, JMX)
  • Setting up distributed monitoring using OpenNMS Minions, Kafka integration, and managing thresholds/alarms.
  • Experience integrating OpenNMS with SIEM or SOAR platforms
  • Understanding of security frameworks (NIST CSF, ISO 27001, CIS Controls)

EDUCATION LEVEL: Bachelor's degree and 4 years of related experience, or Master's degree with 2 years of related experience. Additional experience, education and training may be considered in lieu of degree.

Ayush Sharma Sr. US Technical Recruiter

| Ext:149

| G-talk:

Skills

Splunk
TCP/IP
Bash
DNS
Git
Jira
Kafka
Python
REST

Similar jobs