Network-Based Cyber Forensics with Security Clearance

Title: Network-Based Cyber Forensics Clearance: TS/SCI Location: Arlington, VA (with some remote - must be able to report to customer site as needed) Company Overview: Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone''s Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks. * Junior = 2-4 years * Mid = 4-7 years * Senior = 8 years Required Experience: * Experience with MITRE ATT&CK Framework * Snort Rules, Yara Rules, PCAP Analysis * Network topologies/network architecture (TCP/IP), diagrams, TAPS, SPAN ports, * Mirroring, Berkley packet filters, NetFlow, syslog, network communications protocols, * Regex/Query/Scripting languages, Python, JSON * VMWare * Indicators of compromise (IOCs) * RedHat/Linux use (CLI) Operational Tools: * Splunk use is a must, Splunk certs are great. Operational use is key. * Demonstrated use with: Zeek/Bro, Gigamon or other packet brokers, Wireshark, ELK Stack, ArcSight, SourceFire NetWitness, Tanium, Palo Alto, TCPDump, Tshark, Nagios, Suricata, Corelight, Various firewalls (F/W) and router set-up/admin, domin tools (IRIS), * AWS Cloud, MS Azure, Google Cloud Desired Certs: * Certified Ethical Hacker * CompTIA Network+ce * CompTIA Security+ce * PenTest+ * CCNA * GCIH * GCFA * GCFE * GNFA * GDAT * CISSP * Cloud+

Created: 2025-10-04