Threat Intelligence Data Engineer, Cyber Security Operations (CSOC)


Job details
  • GTT Communications, Inc.
  • 3 months ago

Description

A challenging and fulfilling technology role expanding upon the current CSOC capabilities by utilising traffic flow data on the GTT global network to generate in-house threat intelligence.

The Threat Intelligence Data Engineer, Cyber Security Operations, designs, builds and operates a technology platform that assesses anomalous traffic flows across the GTT network to facilitate the generation of accurate and actionable threat intelligence.

Responsible for:

- Interacting with core network engineering teams

- Management of Arista switches used for analysis

- Operation of data analytics platform

- Identification of opportunities to utilise AI in the generation of threat intelligence

- Enrichment of raw traffic flow data

Main Duties

Management of threat intelligence platform.

Collaborate with internal teams such as Product Management, Development, and Corporate Security to identify and deliver functionality to continually improve our products using industry best practices and trending customer requirements.

Act as the escalation point for all matters relating to in-house threat intelligence generation.

Build relationships and become a trusted advisor to other departments that make use of threat intelligence.

Assess and drive metrics for the threat intelligence platform 

Develop tools, processes and communication strategies to ensure a timely and responsive approach to both customer reported and internally identified issues.

Manage 3rd party vendors including service review and licensing requirements.

Develop employee training requirements to ensure staff are highly proficient with the use of GTT’s threat intelligence data

Technical Experience

Essential:

Certified in Arista switches

Expert-level knowledge of data analytics

Beneficial:

Cisco / Juniper

AI / generative AI

Working Hours

Standard: 7 hours per day with a 1-hour lunch break between 9am and 5:00pm.

Occasional extended hours may be required during management escalation, critical incidents and platform upgrades.

Security

SC clearance required – (by end of probation period, can be extended)

Core Competencies

Deep understanding of Arista switch configuration for the purpose of packet analysis

Understanding of data analytics and anomaly identification

Ability to generate a sense of urgency and rally appropriate resources both internally and with third parties.

Strong problem solving, priority setting, facilitation, multi-tasking, analytical, and collaboration skills.

Significant understanding of security incidents, including malware, network reconnaissance and emerging threats.

Understanding of vulnerability assessment and remediation procedures including risk management.

Understanding of SIEM functionality and topology. 

Universal Competencies

Be a positive, self-motivated proactive individual who is equally comfortable engaging with customer senior management and all levels within the GTT organisation.

Possess excellent listening, written and verbal communication skills.

High level of initiative and integrity.

Deliver the appropriate balance of business need, customer expectation and compliance requirements.

Strong organizational, presentation, meeting, and communication skills.

Have a can-do attitude and demonstrate a passion for new technology and learning.

Duties and Responsibilities:

Design and development of GTT’s SDN/NFV platforms and products

Continuous improvement of the existing products and platforms

Work with product management to create/maintain/execute the SDN/NFV roadmap

Last resort operational support for SDN/NFV platforms

Coach junior architects and engineers
