Cybersecurity Threat Analyst – Principal (Government)

Job Description:

This is a hybrid position with occasional visits to customer site in Washington, DC.

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers’ mission.

AT&T has an opening for a Cybersecurity Threat Analyst – Principal. This role analyzes digital evidence and investigates computer security incidents to derive useful information in support of incident response and system/network vulnerability mitigation.

Job Duties/Responsibilities:

• Conduct analysis of log files, evidence, and other information to determine best methods for identifying the perpetrator(s) of a network intrusion.

• Confirm what is known about an intrusion and discover new information, if possible, after identifying intrusion via dynamic analysis.

• Provide technical summary of findings in accordance with established reporting procedures.

• Examine recovered data for information of relevance to the issue at hand.

• Perform file signature analysis and perform file system forensic analysis.

• Collect and analyze intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

• Supervises cyber threat analysts.

Required Clearance

Able to pass police background check. (#clearable)

Required Qualifications:

• Bachelor’s Degree with at least eight (8) years’ experience in threat analysis. Four additional years of related experience may substitute for degree.

• Knowledge of investigative implications of hardware, operating systems, and network technologies.

• Knowledge of data carving tools and techniques.

• Knowledge of anti-forensics tactics, techniques, and procedures.

• Knowledge of concepts and practices of processing digital forensic data.

• Skill in preserving evidence integrity according to standard operating procedures or national standards.

• Skill in using forensic tool suites.

• Skill in conducting forensic analyses in multiple operating system environments.

• Skill in analyzing anomalous code as malicious or benign.

• Skill in analyzing volatile data.

• Skill in processing digital evidence, to include protecting and making legally sound copies of evidence.

• Ability to conduct forensic analyses in and for Windows, Unix/Linux, and cloud environments.

• Experience briefing government leadership.

• Ability to organize and prioritize numerous customer requests in a fast-paced, deadline-driven environment.

Desired Qualifications

• Relevant industry certifications or classes such but as not limited to:

- GIAC Cyber Threat Intelligence (GCTI),

- GIAC Open-Source Intelligence Certification (GOSI),

- Certified Threat Intelligence Specialist I (CTIS-I) and II (CTIS-II),

- Certified Cyber Intelligence Professional (CCIP),

- Certified Threat Intelligence Analyst (CTIA) and

- DoD Service and/or Agency Cyber Threat Intelligence coursework.

Weekly Hours:

Time Type:

Location:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.AT&T is a fair chance employer and does not initiate a background check until an offer is made.