Threat Detection and Response (TDR) Analyst

Primary Location: 6305 Peachtree Dunwoody Rd, Atlanta, GA, USA

Division: Cox Communications Inc

Job Level: Individual Contributor

Travel: Yes, 5 % of the Time

Schedule: Full-time

Shift: Day Job

Requisition Number: 210532

Cox Communications is looking for a Threat Detection & Response (TDR) Analyst that will report to the Senior Manager of Threat Detection and Response monitor and will respond to cyber threats facing Cox networks, systems and information assets. The TDR Analyst will monitor for and respond to cyber threats facing Cox network, system and information assets. The TDR Analyst will achieve this objective by collecting and analyzing threat intelligence, performing security monitoring activities and conducting incident response in a proactive manner.

Successful candidates will also demonstrate a strong business acumen and possess a blend of general business, technology and security competencies.

Primary Responsibilities:

  • Perform monitoring of Cox networks, systems, and information assets for security events to promptly detect cyber incidents and mitigate their impact to the organization.
  • Detect and respond to workstation, server and network incidents using SIEM, behavioral analytics, and network analysis.
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify potential threats to network security.
  • Document and escalate cyber incidents that may cause ongoing and immediate impact to the environment.
  • The TDR Analyst will respond in a consistent and well-organized manner to help mitigate the impact of cybersecurity incidents on the Cox environment.
  • Update scenario-based procedures, classifications, techniques, guidance as required.
  • Perform incident triage, to include scope, urgency, potential impact, making recommendations that enable expeditious remediation.
  • Track and document cybersecurity incidents from detection through resolution.
  • Stay abreast of the latest trends in threat intelligence, security monitoring and incident response.
  • Collect intelligence data from relevant sources including subscription and open-source feeds.
  • Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives as related to designated cyber operations warning problem sets.
  • Will operate in a proactive threat intelligence and active defense program to collect and analyze threat intelligence data and incorporate it to enable decision-making at both the operational and strategic levels, as needed.


  • Compensation includes a base salary of $80,499 - 100,599. Salary may vary outside of the anticipated range based on factors such as the ultimate location of the position and the selected candidates experience.
  • Position is eligible for additional compensation that may include commission (annual, monthly, etc.) and/or and incentive program.


Minimum Requirements:

  • 3 or more years of technical experience in the Information Security field
  • Experience writing, reviewing and editing cyber-related intelligence/assessment products from multiple sources
  • Experience triaging security events using a variety of tools including QRADAR in a security operations environment.
  • Experience with packet flow, TCP/UDP traffic, firewall technologies, IDS technologies (e.g., Snort rules), proxy technologies, and antivirus, spam and spyware solutions.
  • Experience conducting incident response activities and seeing incidents through to successful remediation.
  • Experience with a programming/scripting language such as Python, Perl or similar.
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Deep knowledge of computer networking concepts and protocols, and network security methodologies.
  • Deep knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • Strong understanding of network traffic analysis methods including packet-level analysis.
  • Deep knowledge of network security architecture concepts including topology, protocols, components, and principles.
  • Strong understanding of malware analysis concepts and methodologies.
  • Solid ability to employ incident handling methodologies.
  • Deep knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Strong process execution, time management and organizational skills.
  • Strong work ethic, leadership skills, initiative and ownership of work.
  • Solid ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • High proficiency with common cybersecurity management frameworks, regulatory requirements and industry leading practices.
  • At least one of the following certifications is required or must be obtained within your first 12 months of employment: CISSP, CEH and/or the following SANS certifications: GCIH, GCFE, GCFA, GREM, GPEN, GWAPT, GXPN are preferred, but not required.


  • BS in Computer Science, Information Systems, Engineering, etc.
  • Experience with endpoint security agents (Carbon Black, Crowdstrike, etc.)
  • Experience with network forensics and associated toolsets, (Suricata, WireShark, PCAP, tcpdump, etc.) and analysis techniques.
  • Experience with host-based detection and prevention suites (Microsoft SCEP, OSSEC, etc.)
  • Understanding of log collection and aggregation techniques, Elastic Search, Logstash, Kibana (ELK), syslog-NG, Windows Event Forwarding (WEF), etc.

Who We Are

About Cox Communications

Cox Communications is committed to creating meaningful moments of human connection through broadband applications and services. The largest private telecom company in America, we proudly serve six million homes and businesses across 18 states. Were dedicated to empowering others to build a better future and celebrate diverse products, people, suppliers, communities and the characteristics that makes each one unique.

About Cox

We are the Cox family of businesses. Weve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions - Cox Communications and Cox Automotive - are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. Were also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. Were looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope youll be going with us, and the common purpose that unites us at

Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page.

Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individuals age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.

Full time
Atlanta, GA 30328, US