• Type: Contract
  • Job #2944

Title: Detection Engineer/Splunk Content Developer
Location: McLean, VA
*Clearance: Active TS/SCI w/ Polygraph needed to apply *

Company Overview:

Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone’s Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks.

Detection Engineer/Splunk Content Developer
Location: Mclean, VA
Clearance: FSP

Job Duties and Responsibilities:
Subject matter expertise in the creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to:

  • Network and host-based IDS, IPS, NDR, EDR, firewall, web application firewalls
  • Proxy
  • Splunk Enterprise Security
  • Manages and administers the tuning of rules, signatures, and custom content for specialized CND applications and systems
  • Identifies potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts
  • Manages inter-agency relationships with partner organizations to facilitate mission execution
  • Innovates creative solutions to challenging problems
  • Provides logical use case development
  • Provides and tracks requirements to engineering partners
  • Identifies gaps in visibility or coverage of cyber defense systems
  • Prepare and brief management and partner organizations on current state/proposed solutions
  • Prepare data analytics and reporting

Required Experience/Skills:

  • Excellent interpersonal, organizational, writing, communications, and briefing skills
  • Strong analytical and problem solving skills
  • Demonstrated expertise utilizing SIEM tools for use case development and application
  • Minimum of five years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management

Familiarity with the following classes of enterprise cyber defense technologies:

  • Incident Response analysis
  • Splunk Enterprise Security
  • Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
  • Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
  • Security Orchestration Automation and Response (SOAR)
  • Endpoint and Network Detection and Response (EDR/NDR)
  • User Behavior Analytics (UBA)
  • Network and Host malware detection and prevention
  • Network and Host forensic applications
  • Web/Email gateway security technologies

Demonstrated experience in the following preferred:

  • Splunk ES
  • Python
  • Mitre ATT&CK
  • Jira
  • Tanium
  • Carbon Black
  • McAfee ePO/NSM
  • Palo Alto Networks

Required Certifications:
DOD 8570 IAT Level II or CSSP-IR

Preferred Degree:
BS (bachelor's degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline)


Equal Opportunity Employment
Cornerstone Defense is proud to be an Equal Opportunity Employer. We are committed to creating an inclusive working environment for all employees and to upholding diversity in our recruiting and hiring processes. All qualified applicants will receive equal consideration for employment without regard to sex, gender identity, sexual orientation, race, color, age, religion, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by law.

Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!