Atlanta, Georgia - USD Full Time Posted: Thursday, 12 July 2018
Overall Purpose: AT&T Security Consulting Group is seeking an expert and experienced Senior Consultant to provide Incident Response and Forensic (IRF) Trusted Advisor services to AT&T's US and global clients. Key services include: Cybersecurity Incident and Breach Response, forensic analysis of compromised assets, malware reverse engineering, and ultimately identification and remediation of compromised assets.
Key Roles and Responsibilities:
  • Collaborates with and provides consulting services to clients in a trusted advisor role.
  • Works on billable consulting service projects.
  • Works independently on complex projects or works in a team as a project leader.
  • Provides advisory assessments in relation to cybersecurity breach prevention.
  • Conducts gap assessments and provides actionable recommendations to remediate shortcomings.
  • Documents findings and recommendations in Remediation Roadmaps.
  • Manages aspects of delivery, customer satisfaction, and accurate timekeeping for billing purposes on projects where the consultant is the only technical resource or lead technical resource.
  • Participates in group discussions to further knowledge in the IRF practice and provides peer review of deliverables.
Secondary Responsibilities:
  • In a sales support role, meeting with customers as an IRF SME in support of sales team.
  • Support in identifying additional sales leads on assigned projects and beyond.
  • Attending sales conference calls or client meetings, support in scoping and developing SOWs/proposals.
  • Bachelor's degree desired or equivalent experience and a minimum of five (5) years of enterprise security related work experience. Master's Degree in a technical discipline preferred.
  • Demonstrated expert understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures.
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
  • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, Full Packet Capture), and other attack artifacts in support of incident investigations.
  • Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics.
  • Experience with malware analysis concepts and methods.
  • Familiarity or experience in Cyber Kill Chain methodology.
  • Knowledge of Virtualization and Cloud security.
  • Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems.
  • Knowledge of popular databases such as MSSQL, Oracle, and MySQL.
  • Must be a flexible team player, hard-working, and possess excellent communication and customer-facing skills.
  • Must be self-directed, able to manage solo projects or participate as part of a larger team.
  • Strong report writing skills and ability to explain complex security issues to customers in a formal presentation format.
  • Must be able to interact confidently with all levels of technical and management client teams.
  • One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and willingness to pursue further certification preferred.
  • Ability to travel 50%-75%, mostly within region; must possess a driver's license.
Additional Requirements
  • Knowledge and experience with risk and compliance assessments.
  • SCADA/Control systems network experience a plus.
  • VoIP Infrastructure knowledge a plus.
  • Bi-lingual candidates a plus.
Additional Information:

Atlanta, Georgia, United States of America
7/12/2018 5:58:35 AM
