Primary Location: 6305 Peachtree Dunwoody Rd, Atlanta, GA, USA
Division: Cox Communications Inc
Job Level: Manager/Senior Manager
Travel: No
Schedule: Full-time
Shift: Day Job
Requisition Number: 213008

Cox Communications is searching for a Manager of Cyber Detection Engineering reporting to the Sr. Director of Cyber Defense. This individual will contribute to and oversee employees/contractors responsible for designing and continually improving Cox's cyber detection capabilities. The individual will assist in conducting threat modeling exercises that help identify the latest tactics, techniques and procedures (TTPs) of attackers and subsequently updating or adding detections as appropriate. Additionally, this leader will regularly participate in red team/blue team exercises to ensure that designed detections are alerting appropriately. The Manager of Cyber Detection Engineering will collaborate regularly with the Log Ingestion and Engineering team to confirm that appropriate log sources are identified, ingested, and appropriately parsed into Cyber Defense applications.

Primary Responsibilities and Essential Functions:
- Build and tune detections and content for security sensors, including Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and network Intrusion Prevention/Detection Systems (IPS/IDS)
- Provide recommendations and coordinate configuration updates to key cyber defense tools, sensors, and agents
- Work collaboratively with the Log Ingestion and Engineering team to ensure that appropriate log sources are identified, ingested, and parsed.
- Participate in regular red team/blue team exercises, providing analysis of detection performance and potential improvements
- Lead threat modeling efforts to understand potential attacker tactics, techniques and procedures (TTPs) against critical company assets
- Map and continually assess Cox's cyber detections against the MITRE ATT&CK framework to ensure adoption of leading practices
- Participate in and contribute to industry events where knowledge on the latest TTPs and corresponding detection techniques is shared
- Assist with the computer security incident response team's response efforts as needed, including as an additional point of escalation
- Mentor and coach direct reports, ensuring success in their role.
- Performance of other duties and responsibilities as assigned.
- 7 years of relevant information security industry experience as part of an information security team
- Experience building detections and content for security sensors, including Endpoint Detection and Response ("EDR"), Security Information and Event Management ("SIEM"), and network Intrusion Detection Systems ("IDS")
- Experience implementing EDR, SIEM, and IDS content in a large organization
- Experience either defending or penetration testing a large organization
- Strong knowledge of red-team tactics and techniques
- Experience translating business needs into technical security requirements
- Strong knowledge of tactical security models such as the Cyber Kill Chain, MITRE ATT&CK, and diamond model analysis
- Experience conducting forensic analysis of networks and Windows or Linux endpoints
- Experience on a security operations team and/or supporting operations teams
- Working knowledge of typically used operating systems (Windows/Linux), routers, switches, firewalls, and virtualization infrastructure.
- Excellent verbal and written communication skills.
Who We Are

About Cox Communications

Cox Communications is committed to creating meaningful moments of human connection through broadband applications and services. The largest private telecom company in America, we proudly serve six million homes and businesses across 18 states. We're dedicated to empowering others to build a better future and celebrate diverse products, people, suppliers, communities and the characteristics that make each one unique.

About Cox

We are the Cox family of businesses. We've been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions - Cox Communications and Cox Automotive - are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. We're also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. We're looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you'll be going with us, and the common purpose that unites us at coxenterprises.com.

Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.
- BS/BA degree required (i.e., Computer Science/Engineering, Business, etc.)
- Master's or other advanced degree in the field of cybersecurity
- Working knowledge of compliance requirements, such as those for government, defense, financial or healthcare industries and payment processing
- Experience building defenses for custom or proprietary applications
- Progressive experience into lead positions on either an Incident Response ("IR") team or enterprise penetration testing team
- Telecom/Cable industry experience
- Experience with carrier grade routers, switches, and firewalls
- At least one relevant industry certification - CISSP, SANS, C|EH, CISM, CRISC, CISA, CPA, GIAC