Job Description:
Role – Lead Cybersecurity – Cyber Threat Intelligence
About the Company:
At AT&T, we’re connecting the world through the latest tech, top-of-the-line communications and the best in entertainment. Our groundbreaking digital solutions provide intuitive and integrated experiences for millions of customers across online, retail and care channels. Join our mission to deliver compelling communication and entertainment experiences to customers around the world as we continue to evolve as a technology-powered, human-centered organization. As part of our team, you’ll transform the way we deliver a seamless customer experience with digital at the center of all you do. In our world, digital is much larger than just an eCommerce channel, we are transforming all channels to digitally perform as one team to create a better customer experience. As we move into 2024, the digital transformation will revolutionize the digital space and you can build a career that will propel your future.
About the Job:
The Lead in Cyber Threat Intelligence investigates and researches cyber threats using a variety of sources, methods, analysis tools and techniques. The professional in this role derives actionable threat intelligence and provides analytical support to the Chief Security Office Threat Analytics organization. The professional in this role will support and guide team members in technical and functional matters in providing high-quality and actionable intelligence products / deliverables. Leads the team to success. Collaborates with leadership teams, provides subject matter expertise and insights.
The Lead will demonstrate knowledge or use of:
- Knowledge of the Intelligence cycle, including the collection, analysis, and dissemination of threat intelligence, and how it applies to dark web activities.
- Processes and techniques for intelligence, tactical, strategic, and administrative analysis.
- Common cybersecurity concepts, tools, and frameworks (e.g., NIST, MITRE ATT&CK, SIEM, IDS/IPS, etc.)
- Common cyber threats, attack methods and techniques (e.g. ransomware, malware, phishing, etc.)
- Cyber-attack stages (e.g. reconnaissance, scanning, enumeration, exploitation, privilege escalation, lateral movement, persistence, etc.)
The Lead will have demonstrated ability to:
- Identify cyber threats, create and update detective measures, IOC, and threat profiles.
- Identify patterns and trends in data with strong analytical and problem-solving skills.
- Identify False Positives and False Negatives.
- As a Lead and expert, perform quality assurance of overall teams’ products and deliverables.
- Use and configure threat intelligence platforms and tools (e.g., MISP, ThreatConnect, OpenCTI or equivalent).
- Stay current with the latest developments in cybersecurity and threat intelligence.
- Use Open-Source Research Techniques to discover related threats.
- Adhere to established rules, regulations, conventions, and information protection requirements with a demonstrated sense of responsibility and ethics.
- Work independently and collaboratively in a fast-paced & dynamic environment.
- Support, guide and mentor peer team members in technical and functional matters.
- Apply feedback to future work products.
The professional in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats, and enhancing our mitigation techniques, processes, and technology solutions.
Experience Level: 12+ years
Location: Hyderabad / Bengaluru
Roles and Responsibilities:
- Perform deep technical analysis of suspicious activity using internal and external collection platforms, including but not limited to review of intelligence platforms, darkweb chatter, metadata and intelligence sources.
- Use proprietary and open-source intelligence sources to analyze and interpret telemetry, produce informative products, briefs, reports, and indicators of compromise.
- Configure and optimize internal and external threat monitoring systems to increase AT&T's intelligence holdings to maintain a high standard of quality for cyber indicators and adversary Tools, Techniques and Procedures.
- Document findings and recommend remediation action to a team of highly technical professionals with expertise in cybersecurity, threat intelligence, threat detection, networking, log, malware, and vulnerability analysis. Provide actionable intelligence reports.
- Identify and implement new analysis techniques, beyond those currently available.
- Detect threats and recommend detection mechanisms beyond the capabilities of common tools.
- Reduce the risk of False Positive or False Negative detections and improve detection logic for advanced and targeted threats that are missed by existing tools and controls.
- Implement new automation solutions to improve workflow efficiency.
- Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results.
- Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines.
- Collaborate with leadership teams, provide subject matter expertise and insights.
- Support and guide team members in providing high-quality and actionable intelligence products / deliverables.
- Support, guide and mentor team members in technical and functional matters.
Primary / Mandatory skills:
- Overall – At least 12+ years of experience in cybersecurity, threat intelligence, or a related field.
- Expert knowledge of common cybersecurity concepts, tools, and frameworks (e.g., NIST, MITRE ATT&CK, SIEM, IDS/IPS, etc.).
- Proven experience with advanced threat intelligence platforms and tools (e.g., MISP, ThreatConnect, OpenCTI or equivalent).
- Advanced analytical and problem-solving skills with the ability to identify patterns and trends in data and make data-driven decisions.
- Excellent communication skills, both written and verbal, with the ability to convey complex information in a clear and concise manner.
- A commitment to staying current with the latest developments in cybersecurity and threat intelligence through ongoing training and professional development.
- Ability to work both independently and as part of a team in a fast-paced, dynamic environment.
- Sense of urgency and attention to detail.
Desirable skills:
- Information security credentials CISSP, SANS certifications(such as GCTI / GCIH / GMON/ GCFA), or equivalent
- Bachelor's degree in computer science, cybersecurity, information technology, or a related field. Master's degree preferred.
- Proficiency with programming or scripting languages (e.g., Python, PowerShell, or equivalent).
Additional information (if any): Flexible to provide coverage in US morning hours on a need-basis, and as required.
Certification: Information security credentials CISSP, SANS certifications(such as GCTI / GCIH / GMON/ GCFA), or equivalent.
Weekly Hours:
40
Time Type:
Regular
Location:
IND:KA:Bengaluru / Innovator Building, Itpb, Whitefield Rd - Adm: Intl Tech Park, Innovator Bldg
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.
Job ID R-36804 Date posted 09/16/2024