Tech Specialist, Information Security (Vulnerability Management) at AT&T Careers - AT&T Careers
Skip to Main Content

Drive innovation that’s felt
around the world.

India Jobs

AT&T was the first to deliver advanced telecommunications and technology services to companies headquartered in India. That means big things for your career. Not only will you join one of the most exciting telecom markets in the world, you’ll bring your technology expertise to local as well as international customers.

Tech Specialist, Information Security (Vulnerability Management)

Bengaluru, India

Apply

Description

AT&T is building a brand new team to support the AT&T Xandr advertising & analytics business. Leveraging the spirit of innovation that began with Alexander Graham Bell more than 140 years ago and has continued on as a part of AT&T’s legacy, Xandr is uniquely positioned to move the advertising industry forward. The foundation of that will be world class technology, and we want you to be part of our journey by joining our new technical center of excellence.

This position is part of the Xandr Cyber Security team. This operations-focused role is integral to the ongoing security and continuity of the Xandr environment. We are seeking for Information Security Analyst who can assist with maintaining and delivering the vulnerability management program to ensure vulnerabilities are managed through the lifecycle, from following procedures, environment scanning and triage through remediation. The Vulnerability Management Specialist will be responsible for all facets of the vulnerability management program, designed to mitigate cyber security threats to our environment.


- Assist in the selection and tailoring of approaches, methods, and tools to support vulnerability management service offerings and client engagements.
- Assist with developing a risk-based vulnerability management programs translating business needs, compliance and/or regulatory requirements
- Identify opportunities to improve VM program efficiencies to manage risks related to application level and infrastructure level vulnerabilities
- Drive the configuration of vulnerability assessment tools, research & analyze vulnerabilities and prioritization of identified vulnerabilities based on risk
- Prioritize identified vulnerabilities based upon severity, potential operational impact, and other factors
- Assist with overall improvement of TVM program involving identifying relevant threats, reporting, recommending corrective actions, validating patches or mitigating controls and report results
- Compile vulnerability metrics, track vulnerability aging and exceptions for all systems & environments based on information security policy
- Learn and discover business processes, internal control risk framework, IT controls, business and information technology management processes, and market trends to tailor the TVM program
- Support all TVM work streams including application security testing, bug bounty program, reducing false positives, coordinate & validate scanning and testing results
- Provide technical experience with solutions and process leveraged for the TVM program lifecycle and developing metrics
- Assist with vulnerability incident, root cause analysis and recommend improvement to improve the program
- Assist with the deployment and usage of tools to perform vulnerability assessments, in addition to identifying and resolving any false positive findings in assessment results
- Assist with developing timelines and programs to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and recommend changes in build engineering processes
- Assist with the tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology and engineering teams
- Provide notification of potential threats by tracking vulnerabilities, exploits & threat intelligence throughout the environment
- Assist in developing action plans, schedules report as well as other management communications intended to improve the vulnerability management program
- Assist in developing action plans, schedules report as well as other management communications intended to improve the vulnerability management program

Qualifications

Required Skills, etc:
- At least 5+ years progressively more responsible experience in the IT field
- 2 years of application development and/or application support experience
- Two or more years of hands on Unix/Linux system administration
- Familiarity with Vulnerability Management framework, Security Testing life cycles, processes and procedures
- Strong understanding of Information Security principles and technologies, technical information, and security concepts related to threat landscapes
- Intermediate scripting, system administration or software engineering background (e.g. Python, Ruby, Powershell, Javascript, or Java)
- Familiarity in a variety of web application protocols, operating systems and networking technologies
- Familiarity of common network vulnerabilities, OS vulnerabilities (Linux,
Windows and OSX), application vulnerabilities, patching, attack patterns and exploits
- Familiarity with Vulnerability management tools such as Nexpose, Nessus and Qualys, Netspaker, Veracode, Blackduck etc
- Knowledge and familiarity with current security threat landscape and vulnerabilities
- Knowledge of authentication, authorization, and access control methods
- Familiarity with SANS, CIS and NIST frameworks

Additional Skills:

- Excellent troubleshooting and problem solving skills
- Excellent written and oral communication skills
- Good organizational skills
- High professional standards and desire to continue to develop skills and growth professionally
- Strong commitment and drive to deliver high quality service to all customers, regardless of whether they are internal or external
- Demonstrated ability to rapidly respond to changing needs of the business
- Certifications (Linux+, RHCSA, CEH, Security+)
- This Position is to be 2pm - 11pm shift.
Job ID 1962878 Date posted 12/21/2019

Interesting to work with AT&T which always expected their employees to groom.

Pros

You will always get the credit for your work and also will be appreciated. Even in this much of big team you will always be recognisable.

Cons

Deadlines they are giving is very short period. So, always need to extend our times in the office and sometimes need to work on holidays.

Current Employee - QA Tester
  • One Star Rating
  • Two Star Rating
  • Three Star Rating
  • Four Star Rating
Glassdoor

LifeAtATT

This is the life – the #LifeAtATT, that is. We’re creating what’s next and having a blast doing it. You’re looking for proof? Well, see for yourself.

Back to top