AlienVault is hiring: Principal Cybersecurity Threat Hunter in Bedminster
AlienVault, Bedminster, NJ, United States
Job Overview Job Description:Join AT&T and reimagine the communications and technologies that connect the world. Our Consumer Technology experience team is delivering innovative and reliable technology solutions to power differentiated, simplified customer experiences. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won't just imagine the future-you'll create it.The Principal Cybersecurity Threat Hunter will work with the Cyber Security Hunt Team to engage in targeted security testing to uncover vulnerabilities in networks, systems and applications. The testing will go beyond the vulnerabilities identified by standard tools; the candidate is expected to be creative and innovative in their approach and in the development of new or modified tools and techniques.The Principal Cybersecurity Threat Hunter will:Perform formal and informal targeted 'Hunts' to identify vulnerabilities in cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks and IoT (Internet of Things) devices and systems.Design and create new/custom hunting tools and tests.Employ tactics to uncover security holes (poor user security practices, weak methods, and procedures, etc.)Determine methods that attackers could use to exploit weaknesses and logic flaws and identify counter-measures to thwart attacks.Research, document and discuss security findings with management, security teams and IT teams.Provide feedback and verification as an organization fixes security issues.Identify, review, and recommend improvements for security services, system administration practices, and development/system integration methodology to improve the company's cybersecurity posture.QualificationsRequires Daily Office Presence (3-5 days a week) at one of the listed locations.Preferred Bachelor's degree in Information Systems, Engineering, Mathematics or Cyber Security or equivalent experience.Requires 8-10 years of related experience.Deep understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits.Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.)Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administratorProgramming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.)Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment.Experience with Malware (including reverse engineering) and with internal and external attacks.Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles.Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively work in teams of individuals with a variety of skills and backgrounds.Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials.Highly self-motivated requiring little direction.Demonstrates creative/out-of-the-box thinking and good problem-solving skills.Desired Skills & Experience:Strong knowledge of an enterprise architectureExperience with database management software (Oracle, MongoDB, MySQL, DB2, etc.)Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications, and networking protocols.Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.Understanding of cloud-based architectures and highly distributed big data architecturesUnderstanding of mobile android and iOS environments and app developmentExperience with application security testing tools, such as Qualys Web App Security, IBM AppScan, HP WebInspect, HP Fortify, Metasploit framework.Knowledge of security frameworks (ISO 27001/27002, NIST, HIPPA, SOX, etc.)One or more of these certificationsCEH: Certified Ethical HackerCPT: Certified Penetration TesterCEPT: Certified Expert Penetration TesterGPEN: GIAC Certified Penetration TesterOSCP: Offensive Security Certified ProfessionOur Principal-Cybersecurity employees earn between $158,200 - $237,400. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.Joining our team comes with amazing perks and benefits:Medical/Dental/Vision coverage401(k) planTuition reimbursement programPaid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)Paid Parental LeavePaid Caregiver LeaveAdditional sick leave beyond what state and local law require may be available but is unprotected.Adoption ReimbursementDisability Benefits (short term and long term)Life and Accidental Death InsuranceSupplemental benefit programs: critical illness/accident hospital indemnity/group legalEmployee Assistance Programs (EAP)Extensive employee wellness programsEmployee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phoneWeekly Hours:40Time Type:RegularLocation:Bedminster, New JerseySalary Range: $141,300.00 - $237,400.00It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. Job ID R-15902 Date posted 04/26/2024