Cyber Threat Analyst, Principal (Westfields) AT&T
Oakton, VA

AT&T is a provider of telecommunications, media, entertainment, and technology services for consumers, content creators, distributors, and advertisers.

Job Description

Plan and investigate cyber incidents, including establishing cyber incident cases: set up a response plan with procedures. Coordinate with I&W to focus on incident prevention. Incident prevention is especially important in order to reduce the seriousness of a cyber incident.

Incident management: detect potential/actual issues; contain the event, especially when related to malware installed on servers; remediate, including eradication of malware; recover from the event and restore systems to full functionality; perform computer security incident response activities for a large organization; coordinate with other government agencies to record and report incidents.

Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation. Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information. Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems. Assist with implementation of counter-measures or mitigating controls.

Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices. Perform periodic and on-demand system audits and vulnerability assessments including user accounts, application access, file system and external Web integrity scans to determine compliance. Prepare incident reports of analysis methodology and results.

Provide guidance and work leadership to less-experienced technical staff members. Maintain current knowledge of relevant technology. Participate in special projects as required.

* Work to be performed in the Springfield, VA area*

Prerequisites / Qualifications:

The Cyber Threat Analyst Principal must have a minimum of 8 years of cyber security experience (DoD 8570 requirement). For 8570 compliance, must have or be able to obtain CEH, GCIA or GCIH within 6 months.

Must be able to satisfy requirements for Computer Network Defense (CND) Analyst, Infrastructure Support, Incident Responder, Auditor, and Management positions in accordance with the ND 50-05 (IAWEP) guidance.

Specific experience in:

* advanced use of forensic tools/investigations;
* investigating advanced persistent threat (APT), hacker/breach investigations, intrusion analysis, and advanced investigative strategies;
* advanced computer forensics methodology; in-depth Windows FAT and exFAT file system examination;
* remote and complex forensic acquisition/analysis tactics;
* advanced memory acquisition and analysis;
* live response and volatile evidence collection;
* system restore points and volume shadow copy exploitation;
* file system timeline analysis; super timeline analysis; file system and data layer examination;
* metadata and file name layer examination; file sorting and hash comparisons;
* advanced file recovery;
* discovering unknown malware on a host; recovering key Windows files;
* indicators of compromise development and usage;
* step-by-step methodologies to investigate intrusion cases;
* extensive experience with Wireshark and flow analysis tools.

Candidate should also have research and analytical skills, be able to pinpoint significant patterns related to cyber threats, and have strong organizational, presentation and communication skills.

Candidate should be able to provide IDS rules, developed from research, to identify vulnerabilities being exploited.

Real-world experience in cyber incident response/reconstruction/analysis, SIEM operations/maintenance, and malware analysis is desired.

Required Clearance: U.S. Citizen. TS/SCI with Polygraph required. Must have an active or reinstatable TS/SCI with Polygraph to apply.

Job ID 1924533 Date posted 07/02/2019

About AT&T

Headquarters: Whitacre Tower, 208 S Akard St
Size: 243000 employees
