Senior-Technology Security

The selected candidate will have an emphasis on cyber intelligence and work as a member of the security analysis team on a project that analyzes network log data for security-relevant events using a variety of network-data processing platforms and tools.

The candidate will be working with a threat intelligence platform to not only extract relevant IOCs but also identify and incorporate new threat intelligence sources into this platform. The candidate will work in a collaborative manner with other analysts to identify security events, characterize events, provide recommendations for remediation of those events, and define analytical methods to automate the analysis. The candidate will perform ad-hoc analytical processing on a variety of network data feeds, system processed data derivatives (metadata), automated system alerts, open source information, collaboration with other analysts, and collaboration with outside organizations. This analysis will require knowledge in some of the newest areas of security including Cloud technology, Big Data environments, Mobility, and Advanced Persistent Threats. Some aspects of the analysis may require packet analysis using deep packet inspection.

The selected candidate will be responsible for reporting findings in written and verbal form. Results of analysis will be used to inform management, notify affected customers, advise network operations, and advise network engineering on security issues as well as recommended remediation and solutions. The candidate will also work with researchers to help define algorithms for automation of ad-hoc analysis methods and will work with the analysis platform engineering and development team to help define automated processing reports and alerts for automation of ad-hoc processes.

The overall objectives and responsibilities for this position are to:

· Foster the growth of AT&T’s cyber threat intelligence practice

· Coordinate with peer, cross-industry, and government community groups

· Assist in orchestration of regular security response exercises in preparation for potential threats

· Improve and enhance incident response procedures, processes, and practices

· Participate in periodic after-hours security incident escalation rotation and be available for critical incidents within the enterprise

· Serve as a role model and mentor, including coaching, on-the-job and formal training, reference materials, procedures, and system documentation

