Works closely with network engineering and technical operations staff as security threats and vulnerabilities are detected and coordinates the response to contain and mitigate the threat to Charter’s network. Serves as final escalation point for all security incidents. Performs digital forensics on compromised systems. Responsible for SIEM content creation and deployment. Also responsible for proactively searching for internal vulnerabilities and threats traditional security activities such as vulnerability scanning and penetration testing might not discover.
DUTIES AND RESPONSIBILITIES
- Responsible for monitoring, detecting and alerting on potential security threats and vulnerabilities to the company's telecommunications and signal processing hardware, software and electrical systems.
- Actively and consistently support all efforts to simplify and enhance the customer experience.
- Designs and implements processes and controls that acquire and correlate security relevant system and application log data to alert and report on potential security events.
- Actively searches all areas of the internal network for hidden threats and vulnerabilities.
- Serves as highest level of escalation for security incident response.
- Performs digital forensics on compromised systems.
- Mentors junior-level staff on proper security incident response and threat validity.
- Implements, maintains and monitors threat intelligence data from various resources that is relevant to Charter’s networks and systems.
- Develops and coordinates the implementation of security counter-measures with the appropriate organizations.
- Designs and implements the system logic to detect security threats.
- Recommends, designs and implements security systems and tools used by Network Security
- Operations and provides ongoing system support.
- Adheres to industry specific local, state, and federal regulations, as applicable.
- Performs other duties as requested by manager.
BASIC / MINIMUM QUALIFICATIONS
- Bachelor's Degree in Computer Science, Engineering or related field, and/or equivalent work experience
- Minimum five (5) years of engineering work experience
- Minimum three (3) years of Information security operations experience
- Minimum three (3) years of Security incident response experience
- Minimum three (3) years of experience with Network operations/engineering
ADDITIONAL JOB QUALIFICATIONS
- Ability to read, write, speak and understand the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straight-forward, and professional manner
- Expert knowledge of network and system security vulnerabilities and exploits
- Must understand what is required to prevent security exploits, how to detect security attacks and anomalies and how to respond to security incidents and intrusions
- Expert knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence and coordinate a unified security response
- Demonstrated experience in managing information security events and incidents for large and sophisticated networks
- Demonstrated leadership capabilities with the ability to work across functional boundaries, build consensus and drive results
- Strong written and verbal communication skills and should have good presentation skills
- Must be a problem solver, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change
- Current security certifications, such as CISSP, GCIH, GCFE, GCFA, GCTI, CHFI.
- Experience in enterprise operations
- Experience in digital forensics and incident response
- Security Information and Event Management (SIEM) content creation
- Ability to right regular expressions for correlation
- Python and other scripting language
- Office Environment
- 24x7 Network operations support
- May require some weekends and evening shift work
- On-call rotation
- Minimal Travel Required