• Location: Herndon, Virginia
  • Type: Contract
  • Job #3178

Title: NetDef Analyst
Location: Herndon, VA
*Clearance: *Active TS/SCI w/ Polygraph needed to apply *
Company Overview:
Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government.  Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission.  Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation’s toughest and most secure problems.  If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don’t look any further than Cornerstone Defense.

Responsibilities include, but are not limited to:

Provide malicious code detection, intrusion detection, and information security tool development and integration.

Utilize forensic analysis to identify malware, misuse, and/or unauthorized activity.

Investigate and report on virus and malware alerts or incidents to determine root cause, entry point of code and damage risk.

Analyze all data sources, including Internet, Intelligence Community (IC) reporting, security events, firewall logs, and other data sources to identify malware, misuse, unauthorized activity or other cyber security related concerns.

Track intelligence using open source and classified sources to identify malicious code threats and provide solutions to counteract that threat.

Create, edit, and manage signatures, custom rules and filters for specialized network defense systems including but not limited to, Network and host-based IDS, IPS, firewalls and web application firewalls, Security Orchestration, Automation and Response (SOAR), Proxy, and Security Information and Event Management (SIEM) systems

Manage and administer the tuning of rules, signatures, and custom content for CND applications and systems.

Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts

Provide logical use case development.

Provide and track requirements to engineering partners.

Identify gaps in visibility or coverage of cyber defense systems.

Prepare data analytics and reporting.

Required Qualifications:

2+ years of experience in Network Defense, Network Operations, Cybersecurity, Network Engineering, Security Engineering, Information Security, Systems Architecture or Data Analysis

Experience writing script in programming languages such as Python, JavaScript, Yara or Snort

Experience using SIEM tools for case development and application

Experience with network security applications, protocols, and associated hardware

Knowledge of enterprise cyber defense technologies such as SIEM systems, SysMon, network and host based IDS and IPS, network and host-based malware detection and prevention, Endpoint Detection & Response (EDR) and Network Detection & Response (NDR), Network and Host malware detection and prevention (EDR/NDR) tools, forensics tools and applications, Web/Email gateway security technologies, Security Orchestration, Automation and Response (SOAR) and cloud based platforms such as Azure, AWS, or Google

Active TS/SCI with polygraph clearance

Preferred Qualifications:

Experience with MITRE ATT&CK

Experience with Splunk or Splunk Enterprise Security

Ability to demonstrate interpersonal, organizational, writing, communications, and briefing skills

Ability to effectively use analytical and problem-solving skills


Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!