*Clearance: ActiveTS/SCI w/ Polygraph needed to apply *
Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone’s Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks.
ADDITIONAL SECURITY REVIEW PROCESS: All personnel coming into Sponsor’s organization undergo an additional security that can take anywhere from 7 business days to 30 days or more.
The Sponsor is seeking expertise to assist with cyber investigative efforts, conduct network traffic analysis, support cyber focused network architecture reviews, assess data pertaining to network intrusions and/or cyber related attacks on Sponsor equities, assess Sponsor's operational technologies. This work includes but not limited to:
Cyber analytic experience, specifically familiarity with cyber actor TTPs
Analyze IP network traffic for cyber issues as it relates to security, technical and operational vulnerabilities, and risk.
Evaluate network operations using network management platforms, auditing functions, and log reviews.
Conduct network or networking technology assessments and write assessment reports based on findings.
Provide insight into latest threats and countermeasures.
Provide recommendations for end-to-end technical analysis.
Maintain current knowledge of relevant technology as assigned.
The candidate shall work independently with little supervision and shall be flexible to support customers located throughout the Washington Metro Area.
The candidate’s primary location will be between 2 buildings in Chantilly.
Extensive experience with advanced Splunk usage including thorough working knowledge of queries (using SPL), creating dashboards, creating scheduled searches, creating alerts, and aggregation of statistics supporting root-cause assessments of network and system anomalies.
Extensive experience with packet capture and protocol dissection tools like Bro/Zeek or Suricata.
Thorough knowledge of the Agency 's information technology capabilities and infrastructure including operating systems, major application systems, and general network architecture.
Experience with penetration testing, documenting findings, and providing post -engagement out-briefs.
Extensive experience working on TCP/IP networking projects and demonstrated experience with cyber security, and/or network security principles.
Extensive experience with troubleshooting, investigating issues associated with IP.
Demonstrated experience with communications protocols such as IP, TCP, UDP, MPLS, OPSF, IGRP, BGP
Knowledge and experience with encryption products, methodologies, configuration.
Knowledge and experience with Network Packet Capture Appliances/Applications, such as Netwitness, Solera, Probe, Wireshark, Snort.
Knowledge and experience with Network Vulnerability Scanner, Web Scanner, and Database Scanner, such as Nessus, Weblnspect, AppDetective.
In depth knowledge and experience with Network Management products such as HP OpenView, Solarwinds.
Experience with Anonymous/Privacy Internet capabilities and supporting network architecture.
Requires a minimum of 16 years with BS/BA.
Bachelor's Degree or a substantive experience in a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience. 7+ years of network/cyber security experience in a secure environment.
Knowledge of Telephony Systems and VoIP
Experience with Windows Server (2008R2/2012R2), Windows Workstation (7/8.1), Linux (RedHat/Debian), and OSX operating systems.
Interface with vendors and third-party producers.
Any of the following Certifications:
Certified Information Systems Security Professional (CISSP)