Title: Cyber Detection Engineer Team Lead
Location: McLean, VA
Clearance: Active TS/SCI w/ Polygraph needed to apply
Company Overview:
Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission. Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation’s toughest and most secure problems. If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don’t look any further than Cornerstone Defense.
We need you to lead the team that protects and defends the largest target in the world using your expertise in host-based IDS, IPS and specialized network defense. This position will utilize the latest cyber tools available and assist in creating new ones while allowing you to advance the nation's information security posture.
Responsibilities include, but are not limited to:
Provide subject matter expertise in the creation, editing, and management of signatures, rules and filters for specialized network defense systems such as network and host-based IDS, IPS, NDR, EDR, firewalls, web application firewalls, proxy and SIEM systems
Manage and administer the tuning of rules, signatures, and custom content for specialized CND applications and systems
Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts
Manage inter-agency relationships with partner organizations to facilitate mission execution
Provide innovative and creative solutions to challenging problems
Provide logical use case development
Provide and track requirements to engineering partners
Identify gaps in visibility or coverage of cyber defense systems
Prepare and brief management and partner organizations on current state/proposed solutions
Prepare data analytics and reporting
15+ years of experience in Cyber Security, InfoSec, Security Engineering or Network Engineering with emphasis on cyber security issues and operations, computer incident response, systems architecture, and data management
Ability to demonstrate expertise utilizing SIEM tools for use case development and application
Understanding of the following classes of enterprise cyber defense technologies:
Incident Response analysis
Security Information and Event Management (SIEM) systems
Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
Security Orchestration Automation and Response (SOAR)
Endpoint and Network Detection and Response (EDR/NDR)
User Behavior Analytics (UBA)
Network and Host malware detection and prevention
Network and Host forensic applications
Web/Email gateway security technologies
Ability to leverage interpersonal, organizational, writing, communications, and briefing skills
Ability to demonstrate strong analytical and problem-solving skills
DOD 8570 IAT Level I or CSSP-IR certification (can be obtained after hire)
Active TS/SCI with polygraph clearance
Bachelor’s Degree in Electrical Engineering, Computer Engineering, Computer Science, or other closely related Information Technology field of study
Experience with all or some of the following:
Palo Alto Networks
McAfee ePO/NSM
Carbon Black
Tanium
Jira
MITRE ATT&CK
Python
Splunk ES
Equal Opportunity Employment
Cornerstone Defense is proud to be an Equal Opportunity Employer. We are committed to creating an inclusive working environment for all employees and to upholding diversity in our recruiting and hiring processes. All qualified applicants will receive equal consideration for employment without regard to sex, gender identity, sexual orientation, race, color, age, religion, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by law.