Title: Cyber Security Analyst
Location: McLean, VA
Clearance: Active TS/SCI with Polygraph required to apply
Company Overview:
Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission. Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation’s toughest and most secure problems. If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don’t look any further than Cornerstone Defense.
Responsibilities include, but are not limited to:
Creation, editing, and management of signatures, custom rules and filters for specialized network defense systems including but not limited to:
Network and host-based IDS, IPS, firewall, web application firewall
SOAR
Proxy
SIEM systems
Manage and administer the tuning of rules, signatures, and custom content for specialized CND applications and systems
Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts
Participate in inter-agency relationships with partner organizations to facilitate mission execution
Provide innovation and creative solutions to challenging problems
Provide logical use case development
Provide and track requirements to engineering partners
Identify gaps in visibility or coverage of cyber defense systems
Prepare data analytics and reporting
Detection assurance and rule validation
Required Qualifications:
2+ years of experience in Cyber Security, InfoSec, Security Engineering or Network Engineering with emphasis on cyber security issues and operations, computer incident response, systems architecture, and data management
Experience with MITRE ATT&CK
Experience with programming or detection rule languages such as Python, JavaScript, YARA or Snort
Familiarity with the following classes of enterprise cyber defense technologies:
Security Information and Event Management (SIEM) systems (Splunk and/or Splunk Enterprise Security)
Sysmon
Network Intrusion Detection/Prevention Systems (IDS/IPS)
Host Intrusion Detection/Prevention Systems (HIDS/HIPS, EDR)
Network and Host malware detection and prevention (EDR/NDR)
Network and Host forensic applications
Web/Email gateway security technologies
SOAR
Azure
Ability to demonstrate expertise utilizing SIEM tools for use case development and application
DoD 8570 IAT Level I or CSSP-IR certification (can be obtained after hire)
Active TS/SCI with polygraph clearance
Preferred Qualifications:
Bachelor’s Degree in Electrical Engineering, Computer Engineering, Computer Science, or other closely related Information Technology field of study
Ability to demonstrate interpersonal, organizational, writing, communications, and briefing skills
Ability to effectively use analytical and problem-solving skills