AT&T Senior Specialist System Design Engineer (Government) in Great Falls, Virginia
Seeking experienced security incident response operations analysts to manage confidentiality, integrity, and availability of internal and customer-facing networks and protection of vital information from cyber adversaries. Position will involve cybersecurity incident response threat validation and reporting, incident and threat coordination and communication, participation in the development of cyber analysis growth and improvement opportunities and advisory boards, extensive writing and briefing opportunities, certification & accreditation activities, and developing reports and risk assessments for several government programs.
Ideal candidate must be a self-starter, customer-focused, team player, and be able to coordinate and collaborate on multiple issues simultaneously with many stakeholders.
Must have relevant networking experience (e.g. TCP/IP stack, DNS, BGP, metadata, IDS/IPS) and be able to serve as a Subject Matter Expert in security event identification, known threat validation and analysis, and network vulnerability analysis and reporting.
Expertise in security information and event management tools (HP, Trustwave, OSSIM, etc.), collecting and analyzing host-based (Windows, Linux, or Solaris) and network-based data, using Computer Network Defense or forensic tools, gathering and interpreting information, performing Internet research, identifying mitigation strategies, and effectively communicating results.
Demonstrated analytic ability to discover unknown, suspicious or exploitation activity and analyze exploitation opportunities and expertise to evaluate and recommend information security enhancements, product upgrades, and tools to ensure minimal exposures.
Excellent communication skills are required, including the ability to provide formal documentation of analysis and/or research results, to include briefings, reports, writing, training of lower tiers, and editing at a technical/professional level.
Possess a bachelor’s degree, as a minimum, in a related field such as math, science, computing, or engineering.
Minimum of 5 years of relevant cybersecurity experience is required.
Flexible with work hours and willing to work shifts when required to meet mission needs.
Required Clearance: Must have and be able to maintain a TS/SCI clearance with polygraph
Desired candidates should be methodical and prolific writers with acute attention to detail.
Candidates should have a minimum of 3-5 years of security incident handling expertise within a security operations center.
Understanding of government Tier 1 security operations center roles and responsibilities and computer network defense playbooks or incident response plans related to security operations is desired.
Relevant networking experience (e.g. TCP/IP stack, DNS, BGP, metadata, IDS/IPS) and the ability to coordinate with other security teams in areas such as security event identification, known threat validation and analysis, and network vulnerability analysis and reporting. Security+, GCIA, CEH, CIH, or CISSP certification is desired.
Security operations experience with HP ArcSight in the role of incident responder is desired.
Incident handling with 8-10 years of security operations center expertise supporting customer-facing elements and internal security information management systems.
Prior experience with open source vulnerability tools such as nmap, autoscan, nessus, Wireshark, snort, etc.
Understanding of government Tier 2 security operations center roles and responsibilities, computer network defense playbooks and incident response plans, and business continuity plans related to security operations is desired.
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V