AT&T Information Systems Security Specialist Associate - CND (Government) in Colorado Springs, Colorado
AT&T Information Systems Security Specialist Associate (ISSSA) is a member of the Network Assurance (NA) Team (DISA GSM-O program) that supports NA activities within DISA Global.
AT&T ISSSA is responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. Responsibilities are to:
Support cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff.
Coordinate resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks.
Review threat data from various sources and develop custom signatures for Open Source IDS or other custom detection capabilities.
Correlate actionable security events from various sources, including Security Information Management System (SIMS) data, and develop unique correlation techniques.
Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
Develop analytical products fusing enterprise and all-source intelligence.
Be able to conduct malware analysis of attacker tools, providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols.
Interface with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.
Those successful working as an Information Systems Security Specialist Associate are able to meet the responsibilities of the position as noted:
Provide CND reports, trends, responses, mitigation, analysis and information dissemination.
Provide C2 support, situational awareness support, and provide leadership & support for all CND applicable activities within Protect, Detect, Respond, and Sustain.
Support teams within a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs).
Support the development, documentation and tracking of measurements and metrics relevant to the ALPs.
Interface with Government counterparts, both CONUS and OCONUS, along with contract team members.
Maintain integrity and security initiatives through predictive and reactive analysis.
Articulate emerging trends to leadership and staff.
CND Team is responsible for Detecting, Responding, Sustaining, and Protecting!
Relevant experience - CND duties including Detect, Respond, Sustain, and Protect.
Detect: Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks.
Correlate actionable security events from various sources, including Security Information Management System (SIMS) data, and develop unique correlation techniques.
Utilize knowledge of attack signatures, tactics, techniques and procedures to aid in the detection of zero-day attacks.
Participate in the coordination of resources during enterprise incident response efforts
Interface with external entities including law enforcement, intelligence community and other government agencies.
Provide limited analysis of incidents for the customers by: determining the incidents' nature and formulating responses; identifying and providing the ability to surge during emergencies; correlating event and incident data; determining possible effects on the DODIN, customer networks, and other organizations.
Review threat data from various sources and aid in the development of custom signatures for Open Source and commercial off-the-shelf (COTS) IDS.
Provide CND server administration and maintenance of intrusion detection systems and other associated equipment.
Ensure security plan compliance
Monitor CND security-relevant network components
Perform infrastructure monitoring, performance assessment, new requirement analysis and support
Provide support to serviced components and appropriate Government oversight entities by implementing DoD-wide Red Team notifications, reports, assessments, coordination, information collection, performance measurement, requirements identification, and feedback.
REQUIRED Experience, Education, and CERTIFICATIONS:
Candidate must possess a CompTIA Security+ with Continuing Education (CE) certification
Candidate must have experience supporting CND or related teams.
Candidate must have experience working CND duties (e.g., Protect, Defend, Respond, and Sustain).
Candidate must have experience working with DoD / Government Leaders at all levels.
Candidate must have strong communication skills (both written and verbal).
Candidate must have an in-depth understanding of TCP/IP protocols, ports, and services.
Desired Experience, Education, and Certifications:
Candidate should have at least one other IA certification completed, i.e., SSCP, CSIH, GCIA, GCIH or CEH.
Candidate should have UNIX Administrative skills.
Candidate should have command line scripting skills (Perl, Python, shell scripting) to automate analysis tasks.
Knowledge of hacker tactics, techniques, and procedures (TTP).
Ability to conduct malware analysis.
Demonstrated hands-on experience with various static and dynamic malware analysis tools.
Knowledge of advanced threat actor tactics, techniques and procedures (TTP).
Understanding of software exploits.
Ability to analyze packed and obfuscated code.
Comprehensive understanding of common Windows APIs and ability to analyze shellcode.
Required Clearance: Active TS
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V