Primary Location: 6305 Peachtree Dunwoody Rd, Atlanta, GA, USA
Division: Cox Communications Inc
Job Level: Individual Contributor
Travel: No
Schedule: Full-time
Shift: Day Job
Requisition Number: 213009

Cox Communications is searching for a Cyber Defense Principal that is a thought leader within the Information Security community and can make significant contributions to the overall posture of the security program. The Principal will participate and contribute to the security community; participate/lead Red team exercises; threat model new products, projects, and technologies; provide support during incident response activities; and serve as a mentor to SOC analysts. This position does not have direct reports. This position will report to the Sr. Director of Cyber Defense.

Responsibilities:
- Actively involved in the security community and presenting on relevant cyber topics.
- Threat modeling new products, projects and technologies that Cox is developing and/or implementing.
- Research, develop, and evaluate defensive tactics, techniques, and procedures (TTPs) for detecting and responding to modern cyber threats, leveraging the MITRE ATT&CK framework.
- Develop, implement and/or tune detections and content for security sensors, including Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and network Intrusion Prevention/Detection Systems (IPS/IDS).
- Perform offensive Red Team operations, with a focus on simulating adversaries, and testing Blue Team Detection and Response processes.
- Working alongside SOC colleagues to develop requirements for new technologies and evaluate SOC tools.
- Assist with cyber security incident response teams' response efforts as needed, including as an additional point of escalation.
- Participate and contribute to industry events where knowledge on the latest TTPs and corresponding detection techniques is shared.
- Attend and present at conferences.
- Performance of other duties and responsibilities as assigned.
- 10+ years of relevant information security industry experience as part of an information security team.
- Advanced knowledge of threat landscape, malware, attack techniques, IOCs, TTPs, CSF frameworks.
- Strong knowledge of tactical security models such as the Cyber Kill Chain, MITRE ATT&CK, and diamond model analysis.
- Red team experience, with hands-on experience performing various types of penetration tests.
- Experience building detections and content for security sensors, including Endpoint Detection and Response ("EDR"), Security Information and Event Management ("SIEM"), and network Intrusion Detection Systems ("IDS").
- Experience using Kibana or Elasticsearch.
- Experience with cloud security in environments such as Azure, AWS, or Google Cloud Platform hosting environments.
- Practical knowledge of a variety of hardware, software, and cloud security controls (Firewalls, routers, switches, virtualization infrastructure, IDS/IPS, DDoS, WAF, proxy, CASB, advanced malware detection, EDR, SIEM, Threat Intelligence Platform, DLP, etc.)
- Advanced writing, communication, and presentation skills.
- Able to prioritize and execute tasks in a high-pressure environment.
Principal Interview Process: The Principal position is a high-visibility role that is expected to make significant contributions to the strategic and tactical elements of the Cox Information Security program, as well as represent Cox at security conferences and events throughout the year. The Principal must have significant cyber security and technical expertise, excellent communication skills, and be highly collaborative. As such, the interview process for a Principal position is rigorous and will include a panel interview where the candidate will be asked to present and discuss their involvement in the industry.

Who We Are

About Cox Communications

Cox Communications is committed to creating meaningful moments of human connection through broadband applications and services. The largest private telecom company in America, we proudly serve six million homes and businesses across 18 states. We're dedicated to empowering others to build a better future and celebrate diverse products, people, suppliers, communities and the characteristics that make each one unique.

About Cox

We are the Cox family of businesses. We've been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions - Cox Communications and Cox Automotive - are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. We're also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. We're looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you'll be going with us, and the common purpose that unites us at coxenterprises.com.

Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.
- BS/BA degree preferred (i.e., Computer Science/Engineering, Business, etc.).
- Master's or other advanced degree in the field of cybersecurity.
- Telecom/Cable industry experience.
- Experience building defenses for custom or proprietary applications.
- At least one relevant industry certification - OSCP, CISSP, SANS, CISM, CRISC, CISA, CPA, GIAC