Specialist Cybersecurity - DAST/SAST/SCA
Bengaluru, India
Job Description:
About the Company:
At AT&T, we’re connecting the world through the latest tech, top-of-the-line communications and the best in entertainment. Our groundbreaking digital solutions provide intuitive and integrated experiences for millions of customers across online, retail and care channels. Join our mission to deliver compelling communication and entertainment experiences to customers around the world as we continue to evolve as a technology-powered, human-centered organization. As part of our team, you’ll transform the way we deliver a seamless customer experience with digital at the center of all you do. In our world, digital is much larger than just an eCommerce channel, we are transforming all channels to digitally perform as one team to create a better customer experience. As we move into 2024, the digital transformation will revolutionize the digital space and you can build a career that will propel your future.
About the Job:
This position is a Senior Specialist Cyber Security for performing Application Security Testing in Cyber Security Organization. This profile will be passionate in preventing risk by identifying vulnerabilities in the applications of the enterprise by configuring scan settings for effective vulnerability enumeration, Identify and document findings, approve false positives and define/document approved mitigations used by AppSec Testers.
Experience Level: 8+ years
Location: Hyderabad or Bengaluru
Roles and Responsibilities:
- Perform SAST/SCA/DAST scans using industry vulnerability scanner
- SAST/SCA – Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE’s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file.
- DAST – Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution.
- During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities
- Tester must ensure results from scanner are present in VM reporting platforms and visible to approved app users
- Perform manual validation and false-positive analysis on the automated scan results.
- Provide remediation support will analyze the top-rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks.
- Execute scan retest by performing revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams.
Primary / Mandatory skills:
Overall – 8+ years of IT experience
- 7+ years of application security Experience
- 5+ years of Application Security testing Experience
- Bachelor's degree required.
- Deep familiarity with the OWASP Top 10 and other security concerns for web applications
- Deep Understanding of OWASP Application Security Verification Standards (ASVS)
- Deep understanding of SAST, DAST, SCA Scanning practices
- Experience in scanning leveraging Veracode, Appscan.or other enterprise tools.
- Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools
- Understanding of SAST, DAST tools and dependency scanning tools
- Experience working/integrating with secret management systems
- Advanced knowledge of front-end and back-end web application development in at least one technology stack (.NET, Java, PHP, Ruby/Rails, Angular, Node.js, etc.)
- Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications
- Strong documentation skills
- Excellent verbal and written communication skills, with proven technical writing abilities (English language proficiency required)
- Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team
- Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas
Technical Skills: SAST, DAST, SCA
Additional information (if any): Flexible to provide coverage in US morning hours upon need.
Certification: CSSLP or equivalent
#Cybersecurity
Weekly Hours:
40Time Type:
RegularLocation:
IND:KA:Banglaore / Intl Tech Park, Whitefield Rd - Storage: Innovator Building, Itpb, Whitefield RdIt is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
Job ID R-69182 Date posted 06/06/2025
Benefits
Your needs? Met. Your wants? Considered. Take a look at our comprehensive benefits.
- Paid Time Off
- Tuition Assistance
- Insurance Options
- Discounts
- Training & Development
Our hiring process
Apply Now
Confirm your qualifications align with the job requirements and submit your application.
Assessments
You may be required to complete one or more assessments, depending on the role.
Interview
Get ready to put your best foot forward! More than one interview may be necessary.
Conditional Job Offer
We’ll reach out to discuss a conditional job offer and the next steps to joining the team.
Background Check
Timing is important – complete the necessary actions to proceed with onboarding.
Welcome to the Team!
Congratulations! It’s time to experience #LifeAtATT.
Check your email (and SPAM) throughout the process for important messages and next steps.
Connect today
Didn’t find what you were looking for here? Sign up for our job alerts so we can connect and share the latest.