Network Packet Processing Engineer – Security Engine (OT/ICS Focus) na Harman
Harman · Pune, Índia · Onsite
- Senior
- Escritório em Pune
About the RoleWe are developing a high-performance Security Engine that inspects, analyzes, and processes real-time OT/ICS network traffic at scale.You will design and optimize the packet capture, parsing, and traffic distribution pipeline that powers our threat detection and protocol analysis stack (including Zeek and Suricata).---Key Responsibilities* Design and implement high-speed packet capture and processing pipelines.* Integrate with Zeek/Suricata and develop custom protocol parsers for OT/ICS traffic.* Optimize for performance (multi-threading, NUMA-aware processing, zero-copy I/O).* Implement flow distribution strategies to scale traffic across multiple analysis engines.* Benchmark and profile packet processing performance, identify and resolve bottlenecks.* Work closely with the Threat Detection and Protocol Engineering teams to extend protocol coverage.* Ensure lossless packet capture at high bandwidths (10–40Gbps+ environments).Required Skills & Experience* Strong proficiency in C/C++ (memory management, multi-threading, lock-free data structures).* Hands-on experience with high-performance packet I/O frameworks, such as: * DPDK (preferred) * PF\_RING * AF\_XDP * libpcap (for integration purposes)* Deep understanding of network protocols (Ethernet, IPv4/IPv6, TCP/UDP) and packet processing concepts.* Familiarity with OT/ICS protocols (Modbus, DNP3, IEC 104, PROFINET, EtherNet/IP, OPC UA) or willingness to learn.* Experience with Linux kernel networking internals and performance tuning.* Knowledge of NIC hardware offloading features (RSS, SR-IOV, flow steering).* Strong profiling and benchmarking skills for network-intensive applications.---Preferred Qualifications* Experience integrating with IDS/IPS platforms (Zeek, Suricata, Snort).* Exposure to traffic replay tools (tcpreplay, MoonGen).* Experience with parallel and distributed packet processing architectures.* Familiarity with cloud-native environments and containerized deployments (Docker/K8s).* Previous work in OT/ICS network security or industrial networking.
Candidatar-se agora
