
Cybersecurity Consultant 3 - Incident Response and Forensics


Boston, MA

Job Details

Company AT&T

Job Title Cybersecurity Consultant 3 - Incident Response and Forensics

Jobid att4-4649572

Location: Boston, MA, 02133, USA

Description As the largest communications company in the world, more
than 120 million customers count on us every day to deliver the wireless,
Internet, data and advertising services that fuel their businesses and connect
them to their world. You will find yourself connecting communications and
technology with opportunities that will take you to places you never imagined.

What does it take to join us? We demand exceptional skills
in your discipline and a real dedication to being the best.

After all, we're asked to keep AT&T profitable and on
the cutting edge, and at the same time, build on more than a century of innovation
and success. We are a world leader in communications and entertainment, and we
plan to keep on growing.

**Overall Purpose:**

AT&T Security Consulting Group is seeking an expert and
experienced Senior Consultant to provide Incident Response and Forensic (IRF)
Trusted Advisor services to AT&T’s US and global clients. Key services include: Cybersecurity Incident
and Breach Response, forensic analysis of compromised assets, malware reverse
engineering, and ultimately identification and remediation of compromised

**Key Roles and Responsibilities:**

+ Collaborates with and provides consulting services to clients in a trusted advisor role.

+ Works on billable consulting service projects.

+ Works independently on complex projects or works in a team as a project leader.

+ Provides advisory assessments in relation to cybersecurity breach prevention.

+ Conducts gap assessments and provides actionable recommendations to remediate shortcomings.

+ Documents findings and recommendations in Remediation Roadmaps.

+ Manages aspects of delivery, customer satisfaction, and accurate timekeeping for billing purposes on projects where the consultant is the only technical resource or lead technical resource.

+ Participates in group discussions to further knowledge in the IRF practice and provides peer review of deliverables.


+ In a sales support role, meeting with customers as an IRF SME in support of sales team.

+ Support in identifying additional sales leads on assigned projects and beyond.

+ Attending sales conference calls or client meetings, support in scoping and developing SOWs/proposals.


+ Bachelor’s degree desired or equivalent experience and a minimum of five (5) years of enterprise security related work experience. Master’s Degree in a technical discipline preferred.


+ Demonstrated expert understanding of the lifecycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures.

+ In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.

+ Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.

+ Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other attack artifacts in support of incident investigations.

+ Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics.

+ Experience with malware analysis concepts and methods.

+ Familiarity or experience in Cyber Kill Chain methodology.

+ Knowledge of Virtualization and Cloud security.

+ Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems.

+ Knowledge of popular databases such as MSSQL, Oracle, and MySQL.

+ Must be a flexible team player, hard-working, and possess excellent communication and customer-facing skills.

+ Must be self-directed, able to manage solo projects or participate as part of a larger team.

+ Strong report writing skills and ability to explain complex security issues to customers in a formal presentation format.

+ Must be able to interact confidently with all levels of technical and management client teams.

+ One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and willingness to pursue further certification preferred.

+ Ability to travel 50%-75%, mostly within region, must possess drivers’ license.


+ Knowledge and experience with risk and compliance assessments.

+ SCADA / Control systems network experience a plus.

+ VoIP Infrastructure knowledge a plus.

+ Bi-lingual candidates a plus.
