Seeking experienced security incident response operations analysts to manage the confidentiality, integrity, and availability of internal and customer-facing networks and to protect vital information from cyber adversaries. This position will involve cybersecurity incident response threat validation and reporting, incident and threat coordination and communication, participation in the development of cyber analysis growth and improvement opportunities and advisory boards, extensive writing and briefing opportunities, and developing reports and risk assessments for government programs.

Required Skills, Certification, Experience, and Education:
The ideal candidate must be a self-starter, customer-focused, team player, and be able to coordinate and collaborate on multiple issues simultaneously with many stakeholders. Supports known threat detection within the SIEM platform; reviews security events that are populated in a SIEM; assists with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions; conducts proactive threat research; investigates intrusion attempts and performs in-depth analysis of exploits; performs deep-dive incident analysis by correlating data from various sources, determines if a critical system or data set has been impacted, advises on remediation, and provides support for new analytic methodologies for detecting threats. DLP, Web Proxy, and IDP/IDS experience preferred. Hands-on experience with Splunk is highly desirable.
Required Clearance: Must have and be able to maintain a Secret clearance
Desired: Candidates should be methodical and prolific writers with acute attention to detail. Candidates should have a minimum of 2-4 years of security incident handling expertise within a security operations center. Develops and implements advanced cyber defense solutions and changes for organizations, safeguards the corporate infrastructure from infiltration or exfiltration, and assures that the system is built to specification and is deployed successfully. Designs, maintains, and operates highly complex and highly secure communications network environments. Performs in-depth network security analysis, and conducts preliminary incident response, event analysis, and threat intelligence. Reviews security events that could be a detriment to the organization's overall security stance.
An 8570 IAT Level 2 or higher certification is required within the first 6 months from hire, i.e., GSEC, Security+ CE, SSCP, GCIH, CISA, CISSP (or Associate), or GCED.
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V