AT&T Information Systems Security Specialist Associate (Government) in Collinsville, Illinois

The Cybersecurity Analyst is a member of the Defensive Cyber Operations team (on the DISA GSM-O program). This team supports network assurance activities within DISA.

Candidate will perform the following duties:

  • Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks

  • Supports cyber security initiatives through both predictive and reactive analysis

  • Articulates emerging trends to leadership and staff

  • Coordinates resources during incident response efforts, driving incidents to timely and complete resolution

  • Performs network traffic analysis using raw packet data, net flow, IDS data, and custom sensor output

  • Reviews threat data and develops custom signatures

  • Correlates actionable security events and develops unique correlation techniques

  • Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in Zero-Day detection

  • Uses attack signatures and TTPs associated with Advanced Persistent Threats to identify new threats and attacks

  • Conducts basic malware analysis of attacker tools, identifying indicators of compromise, and reverse engineer attacker

  • encoding protocols

  • Interfaces with external entities, including law enforcement and intelligence community organizations

  • Provides analysis of incidents for customers by:

  • determining the incident’s nature and formulating responses

  • identifying and providing the ability to surge during emergencies

  • correlating event and incident data

  • determining possible effects on the DODIN, customer networks, and other organizations

  • Ability to work independently and within a team as required

  • Monitors Computer Network Defense (CND) security-relevant network components

  • Performs infrastructure monitoring, performance assessment, new requirement analysis and support

Additional Duties:

  • Prepare and disseminate CND reports, trends, responses, mitigations, analysis, and information

  • Provide support to leadership for CND applicable activities within Protect, Detect, Respond, and Sustain

  • Support a performance-based environment with pre-determined Acceptable Levels of Performance (ALPs)

  • Support the development, documentation, and tracking of metrics relevant to the ALPs

  • Interface with government counterparts and leadership

  • Master’s degree from an accredited college in a related discipline, with three (3) years of professional experience; or Bachelor’s degree from an accredited college in a related discipline, with five (5) years of professional experience; or ten (10) years professional experience in Information Security, with at least four (4) years specializing in security, vulnerability mitigation techniques, and exploitation methods within enterprise networks

  • DoD 8570 Compliant for IAT Level II: Possess a CASP, CCNA-Security, CISSP, CSA+, GICSP, GSEC, Security+ CE, or SSCP certification

  • DoD 8570 Compliant for CSSP Analyst within 90 days of employment: Possess a CEH, CFR, CSA+, GCIA, GCIH,GISCP, or SCYBER certification

  • In-depth understanding of TCP/IP protocols, ports, and services

  • Strong communication skills, both written and verbal

Desired Experience, Education, and Certifications:

  • CND experience

  • Department of Defense experience

  • *NIX familiarity

  • Command Line Scripting skills (PERL, Python, PowerShell scripting) to automate analysis task

  • Knowledge of hacker TTPs

  • Be able to conduct basic malware analysis

  • Demonstrated hands on experience with various static and dynamic malware analysis tools

  • Knowledge of advanced threat actor TTPs

  • Understanding of software exploits

  • Ability to analyze packed and obfuscated code

  • Comprehensive understanding of common Windows APIs and ability to analyze shellcode

Required Clearance: TS/SCI

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V