AT&T Computer Network Defense Analyst L2 (Government) in Columbia, Maryland

Seeking experienced computer network defense analysts to improve the availability and survivability of customer networks and protection of vital information from cyber adversaries. The ideal candidate has significant experience in network-based security analysis, with knowledge of common protocols (TCP/IP stack, DNS, BGP), flow metadata analysis, and the use of IDS/IPS systems to detect and analyze malicious activity. The ideal candidate should also be able to serve as a Subject Matter Expert in security event identification, threat analysis, and network vulnerability analysis and reporting.

  • Candidates must have expertise in collecting and analyzing (Windows, Linux, or Solaris) and network-based data, utilizing Computer Network Defense or forensic tools, gathering and interpreting information, performing Internet research, identifying mitigation strategies, and effectively communicating results.

  • Should have demonstrated analytic ability to discover unknown, suspicious or exploitation activity and analyze exploitation opportunities and expertise to evaluate and recommend information security enhancements, product upgrades, and tools to ensure minimal exposures.

  • Prior experience with cybersecurity tools such as nmap, autoscan, nessus, wireshark, snort, etc. is desired.

  • Great communications skills, that include the ability to provide formal documentation of analysis and/or research results to include briefings, writing, and editing at a technical/professional level, are required.

  • Experience in malware analysis.

Candidates should exhibit:

• knowledge of IP Protocols;

• experience with open source research on Internet protocols;

• knowledge of Internet architecture and routing;

• knowledge of Internet security;

• knowledge of Linux commands, scripting and programming languages (Perl, Python, etc.);

• experience with pcap tools (e.g., WireShark);

• experience with data analysis, especially large data sets (e.g., Netflow)

• knowledge of Snort rule interpretation and creation;

• experience with one or more IDS/IPS systems;

• experience with cybersecurity analyses and reporting;

• familiarity with SQL databases (e.g., postgres);

• CISSP, CEH and/or GCIA certifications are desirable.

Required Skills, Experience, and Education: Candidates should possess a master’s degree in a related field such as math, science, computing, or engineering along with at least 5 years of relevant experience or a bachelor’s degree in a related field such as math, science, computing, or engineering along with at least 10 years of relevant experience.

Required Clearance: TS/SCI with polygraph

Desired: Experience with the listed tools is essential

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V