AT&T Security Lead Analyst (Government) in Washington, District Of Columbia
A Lead is the subject matter expert for all intrusion detection-monitoring activities during their assigned shift. The Task Lead must have the ability to support detailed discovery and analysis of intrusion detection security events, in order to assure that quality work is performed. The Task Lead is the single point of final incident reporting review and escalation. The Task Lead acts as a point of contact for escalations to Management or the Judiciary Automated Systems Incident Response Capability (JASIRC) and releases all notification created by their team to the Courts. The Task Lead will ensure that all incidents are clearly documented and process timely and have been reviewed for quality: the ability to communicate clearly both orally and in writing. The Shift Task Lead will deliver in Microsoft Word a quality written shift lead report detailing work performed during the shift. The report may be shared with Executive Management
Seven years of security intrusion detection examination experience involving a range of security technologies that product logging data; to include wide area networks host and network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs. The ability to analyze data from a variety of sources over time and create a logical narrative of observed behavior, and the ability to communicate clearly both orally and in writing. Candidate will have at least two years as a cyber security or security operations shift team leader. Candidate will have at least five years’ experience working at a senior level, performing analytics examination of logs and console events in the following working experience areas of; creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, webserver log review, and working in a SIEM environment. The candidate must possess at least one (1) of the following certifications: GIAC Certified Intrusion Analyst (GCIA), EC-Council's Certified Security Analyst (ECSA), GIAC Certified Perimeter Protection Analyst (GPPA), GIAC Certified Enterprise Defender (GCED), Systems Security Certified Practitioner (SSCP), or a Certified Information Systems Security Professional (CISSP).
High School Diploma. Bachelor’s degree in Information Systems, Computer Science or related field is preferred.
Required Clearance: Public Trust type background check with finger-printing and drug screening
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V
- AT&T Jobs