Lead Cybersecurity - Network Threat Analyst
AT&T · Charlotte, North Carolina, United States · $141K–$212K/yr
Telecommunications · 10,001+ employees
About the role
The Lead Cybersecurity Network Threat Analyst investigates and researches cyber threats using network analysis tools. They derive actionable threat intelligence and provide analytical support to the Chief Security Office Cyber Operations organization.
What they look for
Requirements
Candidates should have a bachelor's degree in a related field and at least 5 years of experience in cybersecurity or a related area. Knowledge of common cybersecurity concepts, tools, and network threats is essential.
Benefits
Full description
This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.
Join AT&T and help shape the future of communications and technology that connect the world. We value innovators who seek to explore the unknown and challenge the status quo. Bring your bold ideas and fearless spirit to redefine connectivity and transform how people share stories and experiences. At AT&T, you won’t just imagine the future—you’ll build it.
The Lead Cybersecurity Network Threat Analyst investigates and researches cyber threats using network analysis tools and techniques. The Network Threat Analyst derives actionable threat intelligence and provides analytical support to the Chief Security Office Cyber Operations organization.
The Network Threat Analyst will:
- Perform deep technical analysis of suspicious network activity using internal network collection platforms, including but not limited to flow analysis, packet analysis, review of metadata and intelligence sources.
- Use proprietary and open-source intelligence sources to analyze and interpret network telemetry, produce informative products, briefs, reports, and indicators of compromise.
- Configure and optimize internal and external threat monitoring systems to increase AT&T's intelligence holdings to maintain a high standard of quality for network cyber indicators.
- Document findings and recommend remediation action to a team of highly technical professionals with expertise in cybersecurity, threat intelligence, threat detection, networking, log, malware, and vulnerability analysis.
- Identify and implement new analysis techniques, beyond those currently available.
- Detect network threats beyond the capabilities of common tools.
- Reduce the risk of False Positive or False Negative detections and improve detection logic for advanced and targeted threats that are missed by existing tools and controls.
- Implement new automation solutions to improve workflow efficiency.
- Create detailed and accurate reports and professional briefings documenting findings to share with a variety of audiences.
- Recommend and oversee implementation of technical requirements to ensure platform meets analysis needs.
- Develop, test, and operationalize AI-assisted threat analysis workflows (e.g., enrichment, clustering, summarization, and triage) to improve speed and consistency of investigations.
- Evaluate and validate AI outputs for accuracy, bias, and security relevance; apply human-in-the-loop review and document decision rationale for key analytical judgments.
- Use AI tools in alignment with enterprise security, privacy, and data-handling requirements; ensure sensitive data is protected and only approved tools and datasets are used.
- Create and maintain reusable prompts, playbooks, and automation scripts that integrate AI with existing detection, telemetry, and case-management workflows.
- Define and track quality metrics for AI-assisted analysis (e.g., precision/recall impact, time-to-triage, false positive reduction) and iterate based on outcomes.
- Partner with detection engineering, data science, and platform teams to onboard new AI capabilities, test changes safely, and transition prototypes into repeatable operations.
- Provide guidance to analysts on effective and responsible use of AI during investigations, including limitations, verification steps, and escalation paths.
Qualifications:
- Bachelor's degree in computer science, cybersecurity, information technology, or a related field.
- 5+ years of experience in cybersecurity, threat intelligence, networking or a related field.
Demonstrated Knowledge or use of:
- Common cybersecurity concepts, tools, and frameworks (e.g., NIST, MITRE ATT&CK, SIEM, IDS/IPS, etc.)
- Common network threats, attack methods and techniques (DDoS, brute force, spoofing, MITM, etc.)
- Common network concepts, technologies, controls, and protocols (e.g. IDS/IPS/Routing/VPN/ICMP/BGP/UDP/TCP/SSL/HTTP/SMTP, etc.)
- Cyber-attack stages (e.g. reconnaissance, scanning, enumeration, exploitation, privilege escalation, lateral movement, persistence, etc.)
- Network analysis tools/technologies (Wireshark, Netwitness, SNORT, SURICATA, ZEEK, PCAP, NETFLOW, etc.)
- Programming or scripting languages (e.g., Python, PowerShell, or equivalent)
- Investigative tools and techniques.
Demonstrated ability to:
- Identify network threats and create detective measures and IOCs.
- Identify patterns and trends in data with strong analytical and problem-solving skills.
- Identify False Positives and False Negatives.
- Use and configure threat intelligence platforms and tools (e.g., MISP, ThreatQ, OpenCTI or equivalent).
- Stay current with the latest developments in cybersecurity and threat intelligence.
- Work independently and collaboratively in a fast-paced & dynamic environment.
- Use Windows and Linux.
- Use Open-Source Research Techniques to discover related threats.
- Adhere to established rules, regulations, conventions, and information protection requirements with a demonstrated sense of responsibility and ethics.
- Apply feedback to future work products.
- Effectively communicate to convey complex information in a clear and concise manner in both written and oral formats.
- Use AI tools, analysis techniques, and technologies and expertly apply them to network threat analysis, including validating outputs and documenting methodology.
Desired:
- Relevant cybersecurity certifications (e.g., CISSP, Security+, CEH, or equivalent)
- Ability to qualify for a TS/SCI security clearance.
Education/Experience: Bachelor’s degree (BS/BA) desired in Computer Science or Cybersecurity. 5+ years of related experience. Certification is required in some areas.
Supervisor:
No
Our Lead Cybersecurity earns between $141,300-$211,900 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.
Joining our team comes with amazing perks and benefits:
- Medical/Dental/Vision coverage
- 401(k) plan
- Tuition reimbursement program
- Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
- Paid Parental Leave
- Paid Caregiver Leave
- Additional sick leave beyond what state and local law require may be available but is unprotected
- Adoption Reimbursement
- Disability Benefits (short term and long term)
- Life and Accidental Death Insurance
- Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
- Employee Assistance Programs (EAP)
- Extensive employee wellness programs
- Employee discounts up to 50% off on eligible AT&T mobility plans and accessories,
- AT&T internet (and fiber where available) and AT&T phone.
#LI-Onsite – Full-time office role-
Ready to join our team? Apply today.
Our Lead Cybersecurity jobs earn between $141,300.00 - $211,900.00 USD Annual. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training. Joining our team comes with amazing perks and benefits:
- Medical/Dental/Vision coverage
- 401(k) plan
- Tuition reimbursement program
- Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
- Paid Parental Leave
- Paid Caregiver Leave
- Additional sick leave beyond what state and local law require may be available but is unprotected
- Adoption Reimbursement
- Disability Benefits (short term and long term)
- Life and Accidental Death Insurance
- Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
- Employee Assistance Programs (EAP)
- Extensive employee wellness programs
- Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone
Weekly Hours:
40
Time Type:
Regular
Location:
USA:NC:Charlotte / Ibm Dr - Adm:8505 Ibm Dr
Salary Range:
$141,300.00 - $211,900.00
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.