Information security specialist

Windstream

Denver (CO)

On-site

USD 76,000 - 105,000

Full time

11 days ago

Job summary

Windstream is seeking an Information Security Specialist to join the Threat Detection and Response team. This vital role requires strong analytical capabilities and cybersecurity expertise to defend against potential threats, ensuring the security of the organization's environment. Responsibilities include managing alerts, mentoring junior analysts, and conducting effective incident response measures.

Benefits

Medical, Dental, Vision Insurance Plans
401K Plan
Health & Flexible Savings Account
Life and AD&D Insurance Plans
Educational Assistance Plan
Identity Theft, Legal, Auto & Home and Pet Insurance

Qualifications

  • Deep understanding of cybersecurity principles and threat landscape.
  • Proven experience in incident response and threat detection.
  • Expertise in network protocols, devices, and secure architecture.

Responsibilities

  • Manage incident responses from detection to recovery.
  • Develop incident response playbooks based on metrics.
  • Conduct threat hunting on CVEs and provide incident analysis.

Skills

Analytical skills
Incident response
Cybersecurity knowledge
Mentoring
Log analysis
Threat hunting
Automation

Education

CISM, CISSP or GCIH certification

Tools

SIEM
SOAR
EDR
Proxy

Job description

Windstream Holdings, Inc., is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the U.S.

  • Kinetic is a premier internet solutions provider on a mission to deliver ultra-fast, reliable internet to consumers and small businesses across the U.S., helping them Internet better.

  • Windstream Enterprise is a leading managed services provider providing strategic communications and security products to mid-size businesses and enterprise clients.

  • Windstream Wholesale provides high-capacity, high-performance networking solutions and services to other telecom carriers, data centers, content providers and enterprises.

The Windstream team provides innovative software and network solutions to connect people and empower business in a world of infinite possibilities!

_____________________________

About the Role:

The Information Security Specialist is a crucial member of the Threat Detection and Response (TDR) team, dedicated to safeguarding the Windstream environment against cyber threats. This role involves a blend of expertise in cybersecurity tactics and an analytical mindset to detect, investigate, and mitigate potential security incidents. The Specialist will act as both a subject matter expert and a mentor, fostering knowledge and skills development within the team.

What You'll Do:

  • Alert Management: Detect and respond to security alerts from both TDR and third-party tooling.

  • Incident Handling: Coordinate a well-structured response to cybersecurity incidents to minimize their impact.

  • Expertise Provision: Serve as a subject matter expert in information security within the organization.

  • Mentorship: Provide guidance and help develop training plans for junior team members.

  • Tool Optimization: Oversee the review and tuning of rules for all TDR tools.

  • SIEM Enhancement: Continuously improve the SIEM system, adjust security tools, log ingestion, and rule sets in response to the evolving threat landscape.

  • Playbook Development: Create incident response playbooks based on SOC escalation metrics.

  • Automation and Streamlining: Develop and drive agile automation solutions to enhance detection capabilities, making use of Security Orchestration, Automation, and Response (SOAR) tools.

  • Threat Modeling: Conduct threat modeling exercises to maintain robust security postures.

  • Threat Hunting: Execute threat hunts on Common Vulnerabilities and Exposures (CVEs) and Indicators of Compromise (IOCs), ensuring effective monitoring.

  • Remediation Documentation: Document remediation strategies to neutralize threats and secure the environment.

  • Technical Escalation: Act as an escalation point for Tier I & II analysts or Managed Security Service Providers (MSSP).

  • Incident Response: Manage the entire incident response process, from initial alert to recovery and post-incident analysis.

  • Log Review and Engineering: Conduct log reviews and engineer the integration of log sources with security tools.

  • Policy and Documentation Maintenance: Ensure the creation and updating of cybersecurity service standards, documentation, and processes.

  • Incident Tracking: Formally document and track incidents from detection to resolution.

  • Performance Metrics: Develop metrics for Incident Response to foster process improvements.

  • Cyber Threat Intelligence: Collect and utilize threat intelligence to bolster defenses against known attack vectors.

  • Threat Classification: Prioritize threats based on intelligence and system alerts.

  • Compliance Assistance: Aid in artifact collection for compliance with standards such as PCI-DSS and SOX.

  • Team Exercises: Engage in Red/Blue team activities and participate in tabletop exercises.

  • Shift Availability: Availability to work on a 24x7 schedule to ensure continuous security coverage.

Do You Have:

  • Comprehensive knowledge of network protocols, devices, operating systems, cloud computing, and secure architecture, including proficiency in Windows, Linux, Azure, and Oracle Cloud.

  • Proficiency with SIEM, SOAR, IDS/IPS, EDR, Mail Gateways, Proxy, PKI, SYSLOG, and other network/security components.

  • Proven experience in incident response and remediation.

  • Familiarity with NIST Publications such as SP 800-53, 800-61, 800-70, 800-37.

  • Understanding of IT Security principles, techniques, and technologies.

  • Capability to conduct host and network analysis, including packet capture analysis.

  • In-depth knowledge of the MITRE ATT&CK Framework, and understanding of OWASP, Kill Chain, and other security frameworks.

  • Strong grasp of malware analysis concepts and methodologies.

  • Ability to independently manage initiatives with minimal oversight.

  • Ownership of toolsets or processes within the security domain.

  • Expertise in managing Incidents, Service Requests, Change, and Problem management processes.

  • Experience with current cyber threats and their exploitation tactics.

  • Exceptional analytical and problem-solving skills.

  • Excellent time management and organizational skills.

  • Quick learner for new technologies and concepts.

Must Haves:

Candidates must possess or be willing to obtain within the first 12 months of employment one of the following certifications: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or SANS Global Information Assurance Certification (GCIH).

Physical Tasks - Standing: Occasionally: 0-33% | Walking: Occasionally: 0-33% | Sitting: Continuously: 67-100% | Bending: Occasionally: 0-33% | Crouching: Occasionally: 0-33% | Pushing-Pulling: Occasionally: 0-33% | Carrying: Occasionally: 0-33% | Reaching Above Head: Occasionally: 0-33% | Lifting-Lowering >1-15 lbs: Occasionally: 0-33% | Repetitive Hand Action: Medium Dexterity: Continuously: 67-100% | Fine Manipulating: Frequently: 34-66%

Audio Visual Needs - Hearing: Continuously: 67-100% | Near Vision: Continuously: 67-100% | Far Vision: Occasionally: 0-33% | Peripheral Vision: Occasionally: 0-33%

Equipment Used in Job Performance: Computer, Printer, Telephone, Basic Office Supplies, Copier

The starting compensation range for this job is $76,300 to $104,200.

_____________________________

Our Benefits:

  • Medical, Dental, Vision Insurance Plans

  • 401K Plan

  • Health & Flexible Savings Account

  • Life and AD&D, Spousal Life, Child Life Insurance Plans

  • Educational Assistance Plan

  • Identity Theft, Legal, Auto & Home and Pet Insurance

  • https://windstreambenefits.com

Windstream is an equal opportunity employer. At Windstream, we celebrate the authenticity and uniqueness of our people and their ideas. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, genetic information, protected veteran status, current military status, disability, sexual orientation, marital status, creed, citizenship status, or any other status protected by law, and to give full consideration to qualified disabled individuals and protected veterans.

Actual base pay for this job will depend on the candidate's primary work location and other factors, such as relevant skills and experience.

Notice to Non-U.S. Citizens: Windstream, as a holder of licenses granted by the Federal Communications Commission, is required to notify and to obtain approval from federal regulatory agencies prior to granting certain system/network access to any non-U.S. citizen personnel. Offers of employment extended to non-U.S. citizens are contingent upon receiving the requisite approval from agencies overseeing compliance. Non-U.S. citizens are required to provide Windstream with the personal identifying information required to obtain the necessary approval prior to accessing certain systems and/or Windstream's network. If you are not a U.S. citizen, please notify your recruiter or email CORP.HRlegal@windstream.com as soon as possible for information on Windstream's foreign personnel disclosure and approval requirements.

Job Details

Job Family: IT

Job Function: Information Security

Pay Type: Salary
