AT&T Cyber Security Analyst (Government) in Collinsville, Illinois
A member of the Computer Network Defense (CND) Team (DISA GSM-O program) that leads/supports CND Activities within DISA Global. Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks.
Supports cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff.
Coordinates resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
Performs network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks.
Reviews threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities.
Correlates actionable security events from various sources including Security Information Management System (SIMS) data and develops unique correlation techniques.
Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
Develops analytical products fusing enterprise and all- source intelligence.
Conducts malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols.
Interfaces with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.
Provides CND reports, trends, responses, mitigations, analysis, and information dissemination. Provides C2 support, situational awareness support, and provide leadership & support for all CND applicable activities.
Support teams within a performance-based environment with pre-determined Acceptable Levels of Performance (ALP’s).
Supports the development, documentation and tracking of measurements & metrics relevant to the ALP’s.
Interfaces with Government counterparts, both CONUS & OCONUS, along with contract team members.
Maintains the integrity & security of enterprise-wide systems & networks.
Supports security initiatives through predictive & reactive analysis, and by articulating emerging trends to leadership & staff.
Possess a CompTIA Security+ with Continuing Education (CE) certification.
Experience supporting CND or related teams.
Experience working CND duties.
Experience working with DoD / Government Leaders at all levels.
Strong communication skills (both written and verbal).
In-depth understanding of TCP/IP protocols, ports, and services.
Bachelor’s degrees from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master’s degree.
Desired Experience, Education, and Certifications:
At least one other IA certification completed, i.e., SSCP, CSIH, GCIA, GCIH or CEH.
UNIX Administrative skills. Command Line Scripting skills (PERL, python, shell scripting) to automate analysis task.
Knowledge of hacker tactics, techniques, and procedures (TTP).
Be able to conduct malware analysis.
Demonstrated hands on experience with various static and dynamic malware analysis tools
Knowledge of advanced threat actor tactics, techniques and procedures (TTP) Understanding of software exploits.
Ability to analyze packed and obfuscated code.
Comprehensive understanding of common Windows APIs and ability to analyze shellcode.
Required Clearance: Active DoD TS or above
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V