Cox Communications is searching for a Security Consultant who will report to the Senior Manager, Threat Detection & Incident Response (SOC Manager) in the role of Threat Intelligence Analyst. The individual will conduct attack and threat analysis that can drive proactive threat detection and mitigation and support incident response. The Security Consultant will work closely with other Cox Security Command Center/SOC analysts to shape assessments of potentially malicious activity and build new analytical workflows leveraging both internal and external intelligence sources. The Security Consultant will also need to work across business lines to gain knowledge of different segments within Cox Communications' infrastructure to understand their value from the adversary’s perspective.
Successful candidates will be intellectually curious, have a background in threat intelligence analysis, and have a strong foundation in computer networking and malware combined with an understanding of highly capable threat actor TTPs. The successful candidate will be a self-starter and able to deliver high-quality results with minimal supervision.
Primary Responsibilities and Essential Functions:
  • Effectively ascertain and leverage trustworthy open and closed-source cyber threat intelligence data feeds.
  • Evaluate intelligence feeds and recommend modification or new feeds as necessary.
  • Independently research and comprehensively analyze actionable threat observables at both the network and host level.
  • Analyze technical data to identify and extract attacker TTPs, identify unique malware attributes, and pivot to related activity or information that could inform other defensive, mitigation, or hardening efforts.
  • Leverage intelligence analysis to steer active hunt or incident response efforts.
  • Provide written assessments of adversarial capability, intent, and goals based upon cyber threat research; verbally communicate assessments clearly to management and other team members.
  • Utilize external reporting and internal insights to identify and report emerging and persistent threats to the organization’s networks, systems, and applications.
  • Develop models that use statistical analysis to identify suspicious activity by malware or bad actors.
  • Share IOC models with trusted parties for validation and collaboration.
  • Guide other security analysts in their analytical approach.
  • Provide technical recommendations pertaining to risks and control measures associated with emerging threats.


  • 4+ years of information security experience, preferably in the areas of cyber threat intelligence or penetration testing.
  • Strong intelligence analytical tradecraft.
  • Advanced understanding of cyber threat vectors and countermeasures.
  • Experience in vulnerability research, malware analysis and exploit investigation.
  • Familiarity with the cyber kill chain; ability to apply kill chain methodology to proactive mitigation efforts and analysis of potentially malicious activity.
  • Familiarity with STIX, TAXII, and JSON.
  • Familiarity with Snort/Suricata IDS rule syntax.
  • Python or Perl scripting experience.
  • Understanding of Windows platforms including security features and administrator tools.
  • Solid understanding of networking (WAN, LAN, WLAN), network domains (Internet, intranet, DMZ), communication techniques/protocols (IP and others), and their combined effects on network and host systems security.
  • Ability and interest to learn other new skills as required, including database technologies and new scripting and programming languages.
  • Ability to communicate technical details in a clear, comprehensible manner to team members and management.
  • Highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting.
  • Intelligence Community experience and/or experience at a military organization conducting cyber or security/intelligence related work.
  • Membership in closed security communities.
  • Possession of current GPEN, CEH, or similar certifications.
  • Experience evaluating systems and network devices and enterprise networks for security vulnerabilities.
  • Experience on an Incident Response team.
  • Experience working in a Security Operations/Intelligence/Fusion Center.
  • Experience working with SIEM technologies.
  • Experience in leveraging statistical modeling and analysis to infer possible cybersecurity threats.
  • Experience working with hunting tools and technologies.
  • Basic Linux system administration skills.
  • Experience with digital forensics techniques.
  • Experience in the Telecommunications industry.



About Cox Communications

Cox Communications is a broadband communications and entertainment company, providing advanced digital video, Internet, telephone and home security and automation services over its own nationwide IP network. Cox Business is a facilities-based provider of voice, video and data solutions for commercial customers, and Cox Media is a full-service provider of national and local cable spot and digital media advertising. Cox is known for its pioneering efforts in broadband, voice and commercial services, industry-leading customer care and its outstanding workplaces. Cox Communications, a wholly owned subsidiary of Cox Enterprises, is available at and

Organization: Cox Communications, Inc.

Primary Location: US-GA-Atlanta-6305 Peachtree Dunwoody Rd

Employee Status: Regular

Job Level: Individual Contributor

Shift: Day Job

Travel: No

Schedule: Full-time

Unposting Date: Ongoing

