Senior Threat Detection And Response (TDR) Engineer

Primary Location: 6305 Peachtree Dunwoody Rd, Atlanta, GA, USA

Division: Cox Communications Inc

Job Level: Individual Contributor

Travel: Yes, 5 % of the Time

Schedule: Full-time

Shift: Day Job

Requisition Number: 208443

Cox Communications is looking for a Senior Threat Detection & Response (TDR) Engineer who will serve as a technical expert inside the Security Operations Center (SOC). The Senior TDR Engineer builds, tests, maintains, and troubleshoots security alerts for use by the SOC, and supports complex investigations as necessary. The Senior TDR Engineer will make decisions and recommendations on implementing and improving security monitoring, and will contribute to successful operations within the SOC.Successful candidates will demonstrate a strong business acumen and possess a blend of general business, technology and security competencies. This is a unique opportunity to work for a telecommunications company protecting national critical infrastructure.
Primary Responsibilities:

• Write detection signatures, tune systems / tools, develop automation scripts and correlation rules.
• Maintain knowledge of adversary Tactics, Techniques, and Procedures (TTP).
• Troubleshoot problems with log parsing and SIEM configuration.
• Maintain internal knowledge bases such as mapping of detections to MITRE ATT&CK matrices, kill chains, and other attack models.
• Coordinate with and support work by third parties such as Managed Security Service Providers (MSSPs) and professional service providers.
• Work with internal teams to onboard new log sources and develop threat models.
• Identify and hunt threats within the Cox environment.
• Contribute to projects, meetings, and ad-hoc requests.
• Support and train TDR analysts.
• Support development of SOC standard operating procedures and processes.
• Detect and respond to workstation, server and network incidents using SIEM, behavioral analytics, and network analysis.
• Review and respond to escalated security events from TDR analysts.
• Respond to service provider network attacks affecting Cox critical network infrastructure and the cloud environment.

Qualifications:Minimum Requirements:

• Four or more years of technical experience in the information security field.
• Four or more years of practical experience in an incident response role.
• Experience in the application of Incident Response methodologies.
• Experience working with a SIEM with the ability to understand and modify threat detection rules.
• Experience with open source intelligence OSINT feeds.
• Strong knowledge and experience with the Windows and Linux operating systems.
• Working knowledge of cloud technologies such as Amazon, Azure and Google.
• Experience using Python, PowerShell, or equivalent scripting language.
• Strong knowledge of network protocols, web servers, authentication mechanisms, anti-virus and server applications.
• Ability to execute under pressure.
• Ability to perform independent analysis, distill relevant findings and root cause.
• Ability to communicate complex ideas clearly and effectively using written and verbal communication.

Preferred:

• BS in Computer Science, Information Systems, Engineering, etc.
• Cloud technology experience and incident response techniques.
• Experience with endpoint security agents (Carbon Black, Crowdstrike, etc.).
• Maintains an industry certification such as GCIH, CCIA, GIAC, CISSP, or CISM.
• Experience with network forensics and associated toolsets, (Suricata, WireShark, PCAP, tcpdump, etc.) and analysis techniques.
• Experience with host-based detection and prevention suites (Microsoft SCEP, Carbon Black Response, OSSEC, etc.).
• Understanding of log collection and aggregation techniques, Elastic Search, Logstash, Kibana (ELK), syslog-NG, Windows Event Forwarding (WEF), etc.

#LI-097

Who We Are

About Cox Communications

Cox Communications is committed to creating meaningful moments of human connection through broadband applications and services. The largest private telecom company in America, we proudly serve six million homes and businesses across 18 states. We're dedicated to empowering others to build a better future and celebrate diverse products, people, suppliers, communities and the characteristics that makes each one unique.

About Cox

We are the Cox family of businesses. We’ve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions – Cox Communications and Cox Automotive – are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. We’re also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. We’re looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you’ll be going with us, and the common purpose that unites us at coxenterprises.com.

Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.