Leading Cyber ​​Security – Cyber ​​Threat Intelligence at AT&T – IND:KA:Bengaluru / Innovator Building, Itpb, ​​Whitefield Rd – Adm: Intl Tech Park, Innovator Bldg

Job description:

Role – Cybersecurity Manager – Cyber ​​​​Threat Intelligence

About the company:

At AT&T, we connect the world through the latest technology, leading communications, and the best in entertainment. Our groundbreaking digital solutions provide intuitive and integrated experiences for millions of customers across online, retail, and healthcare channels. Join our mission to deliver compelling communications and entertainment experiences to customers around the world as we continue to evolve as a technology-driven, people-centric organization. As part of our team, you will transform the way we deliver a seamless customer experience with digital at the heart of everything you do. In our world, digital is much bigger than just an ecommerce channel, we are transforming all channels to perform digitally as one team to create a better customer experience. As we move into 2024, digital transformation will revolutionize the digital space and you can build a career that will propel your future forward.

About the track:

The Lead in Cyber ​​​​Threat Intelligence investigates and investigates cyber threats using a variety of sources, methodologies, analysis tools and techniques. The professional in this role derives actionable threat intelligence and provides analytical support to the Chief Security Office Threat Analytics organization. The professional in this role supports and guides team members in technical and functional matters in delivering high-quality and actionable intelligence products/deliverables. Leads the team to success. Partners with leadership teams, providing subject matter expertise and insights.

The Lead demonstrates knowledge or use of:

• Knowledge of the intelligence cycle, including the collection, analysis, and dissemination of threat information and how it applies to dark web activity.
• Processes and techniques for intelligence, tactical, strategic and administrative analysis.
• Common cybersecurity concepts, tools, and frameworks (e.g., NIST, MITRE ATT&CK, SIEM, IDS/IPS, etc.)
• Common cyber threats, attack methods and techniques (e.g. ransomware, malware, phishing, etc.)
• Phases of cyber attacks (e.g. reconnaissance, scanning, enumeration, exploitation, privilege escalation, lateral movement, persistence, etc.)

The Lead has demonstrated that he/she is able to:

• Identify cyber threats, develop and update detection measures, IOC and threat profiles.
• Recognize patterns and trends in data with strong analytical and problem-solving skills.
• Identify false positive and false negative results.
• As a manager and expert, you perform quality assurance of the products and results of all teams.
• Use and configure threat intelligence platforms and tools (e.g., MISP, ThreatConnect, OpenCTI, or equivalent).
• Stay up to date with the latest developments in cybersecurity and threat intelligence.
• Use open-source research techniques to discover related threats.
• Adhere to established rules, regulations, conventions and requirements for information security and demonstrate a sense of responsibility and ethics.
• Work independently and collaboratively in a dynamic, fast-paced environment.
• Support, guide and coach team members in technical and functional matters.
• Apply feedback to future work products.

The professional in this role will perform analysis of complex security issues and associated activities to help mitigate risk. Includes forward-looking research, planning, and strategy to strengthen our posture against future cybersecurity threats and improve our mitigation techniques, processes, and technology solutions.

Experience level: 12+ years

Location: Hyderabad / Bengaluru

Roles and responsibilities:

• Conduct in-depth technical analysis of suspicious activity using internal and external collection platforms, including but not limited to reviewing intelligence platforms, dark web conversations, metadata, and intelligence sources.
• Use proprietary and open source intelligence resources to analyze and interpret telemetry, and produce informational products, briefings, reports, and breach indicators.
• Configure and optimize internal and external threat monitoring systems to increase AT&T’s intelligence inventory and maintain a high standard of quality for cyber indicators and adversary tools, techniques, and procedures.
• Document findings and recommend remediation actions to a team of highly technical professionals with expertise in cybersecurity, threat intelligence, threat detection, networking, logging, malware and vulnerability analysis. Deliver actionable intelligence reports.
• Identify and implement new analysis techniques that go beyond those currently available.
• Detect threats and advise on detection mechanisms beyond the capabilities of common tools.
• Reduce the risk of false positive or false negative detections and improve detection logic for advanced and targeted threats missed by existing tools and controls.
• Implement new automation solutions to improve workflow efficiency.
• Be proactive and demonstrate the ability to analyze problems, generate ideas and take action, while delivering results.
• Effectively manages multiple tasks/projects with close attention to detail and meets short lead times and deadlines.
• Collaborate with leadership teams and provide subject matter expertise and insights.
• Support and guide team members in delivering high quality and actionable intelligence products/results.
• Support, guide and coach team members in technical and functional matters.

Primary / mandatory skills:

• General – Minimum 12+ years of experience in cybersecurity, threat intelligence or a related field.
• Expert knowledge of common cybersecurity concepts, tools, and frameworks (e.g., NIST, MITRE ATT&CK, SIEM, IDS/IPS, etc.).
• Demonstrated experience with advanced threat intelligence platforms and tools (e.g. MISP, ThreatConnect, OpenCTI or equivalent).
• Advanced analytical and problem-solving skills with the ability to identify patterns and trends in data and make data-driven decisions.
• Excellent communication skills, both written and verbal, and the ability to convey complex information in a clear and concise manner.
• We strive to stay current with the latest developments in cybersecurity and threat intelligence through continuous training and professional development.
• Ability to work independently as well as in a team in a fast-paced, dynamic environment.
• Sense of urgency and attention to detail.

Desired skills:

• Information Security Credentials CISSP, SANS certifications (such as GCTI/GCIH/GMON/GCFA) or equivalent
• Bachelor’s degree in computer science, cybersecurity, information technology, or related field. Master’s degree preferred.
• Knowledge of programming or scripting languages ​​(e.g. Python, PowerShell or equivalent).

Additional information (if applicable): Flexible to provide coverage during morning hours in the US as needed and as required.

Certification: Information security certificates CISSP, SANS certifications (such as GCTI / GCIH / GMON / GCFA) or equivalent.

Weekly hours:

40

Time type:

Normal

Location:

IND:KA:Bengaluru / Innovator Building, Itpb, ​​Whitefield Rd – Adm: Intl Tech Park, Innovator Bldg

AT&T’s policy is to provide equal employment opportunities (EEO) to all persons without regard to age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, sex, gender, sexual orientation, gender identity and/or expression, genetic information, marital status, status with respect to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, AT&T will provide reasonable accommodations to qualified individuals with disabilities.