• Type: Contract
  • Job #2093

Title: Cyber Incident Management

Clearance: TS/SCI

Location: Arlington, VA (with some remote – must be able to report to customer site as needed)

Company Overview:

Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone’s Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks.

  • Junior = 2-4 years
  • Mid = 4-7 years
  • Senior = 8 years

 

Required Experience:

  • Understanding of host & network forensics
  • Understanding of log review(s)
  • Differentiate between malign & malicious activities
  • Experience with firewalls
  • Incident response
  • Windows event managers
  • Firewalls
  • Windows event IDs
  • MITRE ATT&CK processes
  • Understanding of legal requirements
  • Attack vectors; tactics, techniques, and protocols (TTPs), etc.

 

Operational Tools:

  • Splunk use is a must; Splunk certs are great. Operational use is key.
  • Demonstrated use with: Zeek/Bro, Gigamon or other packet brokers, Wireshark, ELK Stack, ArcSight, SourceFire NetWitness, Tanium, Palo Alto, tcpdump, TShark, Nagios, Suricata, Corelight, various firewalls (F/W) and router set-up/admin, DomainTools (Iris)
  • AWS Cloud, MS Azure, Google Cloud

 

Desired Certs:

  • Certified Ethical Hacker
  • CompTIA Network+ce
  • CompTIA Security+ce
  • PenTest+
  • Linux+
  • CCNA
  • MCSE
  • GCIH
  • GCFA
  • GCFE
  • GNFA
  • GDAT
  • CISSP
  • Cloud+