Seeking an experienced Information System Security Officer to improve the availability and survivability of customer networks and the protection of vital information from cyber adversaries. This position will involve Certification & Accreditation activities, cybersecurity threat awareness and reporting, participation in the development of cyber analysis growth and improvement opportunities, cyber analysis, and extensive writing and briefing opportunities.
Required Skills, Experience, and Education: The ideal candidate must have relevant networking experience (e.g. TCP/IP stack, DNS, BGP, metadata, IDS/IPS) and be able to serve as a Subject Matter Expert in security event identification, threat analysis, and network vulnerability analysis and reporting. Candidates must have expertise in collecting and analyzing host-based (Windows, Linux, or Solaris) and network-based data, utilizing Computer Network Defense or forensic tools, gathering and interpreting information, performing Internet research, identifying mitigation strategies, and effectively communicating results. Candidates should have demonstrated analytic ability to discover unknown, suspicious or exploitation activity and analyze exploitation opportunities, and the expertise to evaluate and recommend information security enhancements, product upgrades, and tools to ensure minimal exposures. Prior experience with open source vulnerability tools such as nmap, autoscan, nessus, wireshark, snort, etc. is desired. Security+, GCIA, CEH, CIH, or CISSP certification is required. Great communication skills, including the ability to provide formal documentation of analysis and/or research results, to include briefings, writing, and editing at a technical/professional level, are required. Candidates should possess a bachelor’s degree, as a minimum, in a related field such as math, science, computing, or engineering. A minimum of 5 years of relevant cybersecurity experience is required.
Required Clearance: TS/SCI; prefer DHS TS/SCI or Suitability
Desired: Desired candidates should be methodical and prolific writers with acute attention to detail. Candidates should have a minimum of 3-5 years of security incident handling expertise within a security operations center. Understanding of government tiered security operations center roles and responsibilities and of computer network defense playbooks or incident response plans related to security operations is desired. Candidates should have relevant networking experience (e.g. TCP/IP stack, DNS, BGP, metadata, IDS/IPS) and be able to coordinate with other security teams in areas such as security event identification, known threat validation and analysis, and network vulnerability analysis and reporting. Security+, GCIA, CEH, CIH, or CISSP certification is desired. Security operations experience with HP Arcsight, Splunk, and Splunk Enterprise Security in the role of incident responder is desired. Incident handling with 8-10 years of security operations center expertise supporting customer-facing elements and internal security information management systems is desired. Prior experience with open source vulnerability tools such as nmap, autoscan, nessus, Wireshark, snort, etc. is desired. Relevant cybersecurity experience with the Department of Homeland Security, Department of Defense, or Federal Bureau of Investigation is desired.
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V