• Type: Contract
  • Job #2090

Title: Host-Based Cyber Forensics

Clearance: TS/SCI

Location: Arlington, VA (with some remote – must be able to report to customer site as needed)

Company Overview:

Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone’s Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks.

  • Junior = 2-4 years
  • Mid = 4-7 years
  • Senior = 8 years

 

Required Experience:

  • Experience with MITRE ATT&CK
  • Experience with Windows Event IDs
  • Familiarity with Linux & Windows artifacts & interpretation
  • Network topologies/architecture
  • Basic malware analysis
  • Incident response & threat hunting (at scale)
  • Advanced Persistent Threats (APTs) tactics, techniques, and protocols (TTPs)
  • Computer forensics, digital forensics, memory forensics, Red/Blue/Purple Teams

 

Operational Tools:

  • Splunk use is a must, Splunk certs are great.  Operational use is key. 
  • Demonstrated use with FTK, Encase, Axiom, Xways, Autopsy, SIFT, Mandiant HX, FireEye, SOFL-ELK, Moloch, Wireshark, Network Miner, NetWitness, CyberChef, Corelightm, Zeek, Bro IDS, Security Onion, ArcSight,
  • Bonus: PowerShell, Python, etc.

 

Desired Certs:

  • Certified Ethical Hacker
  • CompTIA Security+ce
  • GCIH
  • GCFE
  • GCFA
  • GNFA
  • GDTA
  • GPEN
  • CISSP
Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!