Detection Engineer/Splunk Content Developer with Security Clearance

---

Job description

Title: Detection Engineer/Splunk Content Developer Location: McLean, VA Clearance: ActiveTS/SCI w/ Polygraph needed to apply Company Overview: Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone's Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks. Detection Engineer/Splunk Content Developer Location: Mclean, VA Clearance: FSP Job Duties and Responsibilities: Subject matter expertise in the creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to: Network and host-based IDS, IPS, NDR, EDR, firewall, web application firewalls Proxy Splunk Enterprise Security Manages and administers the tuning of rules, signatures, and custom content for specialized CND applications and systems Identifies potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts Manages inter-agency relationships with partner organizations to facilitate mission execution Innovates creative solutions to challenging problems Provides logical use case development Provides and tracks requirements to engineering partners Identifies gaps in visibility or coverage of cyber defense systems Prepare and brief management and partner organizations on current state/proposed solutions Prepare data analytics and reporting Required Experience/Skills: Excellent interpersonal, organizational, writing, communications, and briefing skills Strong analytical and problem solving skills Demonstrated expertise utilizing SIEM tools for use case development and application Minimum of five years of progressively responsible experience in Cyber Security, InfoSec, Security Engineering, Network Engineering with emphasis in cyber security issues and operations, computer incident response, systems architecture, data management Familiarity with the following classes of enterprise cyber defense technologies: Incident Response analysis Splunk Enterprise Security Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS) Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS) Security Orchestration Automation and Response (SOAR) Endpoint and Network Detection and Response (EDR/NDR) User Behavior Analytics (UBA) Network and Host malware detection and prevention Network and Host forensic applications Web/Email gateway security technologies Demonstrated experience in the following preferred: Splunk ES Python Mitre ATT&CK Jira Tanium Carbon Black McAfee ePO/NSM Palo Alto Networks Required Certifications: DOD 8570 IAT Level II or CSSP-IR Preferred Degree: BS (bachelors degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline) Equal Opportunity Employment Cornerstone Defense is proud to be an Equal Opportunity Employer. We are committed to creating an inclusive working environment for all employees and to upholding diversity in our recruiting and hiring processes. All qualified applicants will receive equal consideration for employment without regard to sex, gender identity, sexual orientation, race, color, age, religion, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by law.

<!– job description page –>