Overall Purpose: This career step requires senior level experience. Responsible for cyber security areas across products, services, infrastructure, networks, and/or applications while providing protection for AT&T, our customers, and our vendors/partners. Works with senior team members on various projects relating to the protection of devices, customers, assets, data, information technology, and networks. Supports innovation, strategic planning, technical proof of concepts, testing, lab work, and various other technical program management related tasks associated with the cyber security programs.
Key Roles and Responsibilities: Includes ideation, testing, proof of concept and support for various cyber related projects. Analysis, of complex security issues and the development and engineering activities to help mitigate risk. Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit AT&T's cyber security needs and that of our managed services teams. Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers. Applies measures to block malicious code and applications. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats, and enhance our mitigation techniques and technology solutions. Areas of work include, but are not limited to: Cyber Incident Response, cyber product testing, cyber risk & strategic analysis, cyber research, cyber awareness & training, cyber vulnerability detection & assessment, cyber intelligence & investigation, cyber networks & systems engineering, cyber security application testing, cyber digital forensics & forensics analysis, cyber software assurance, cyber business operations & support, cyber application development & testing, cyber operational support, cyber IoT planning & testing, cyber policy & requirements & standards. Job Contribution: Senior level technical expertise. Deep technical knowledge and subject matter expert on ATT technologies.
This role will be responsible for security assessments and threat modelling of various internal/external environments and ensuring technology initiatives are implemented to meet Xandr security standards and framework. The position is responsible to help protect network boundaries, keep computer systems, and network devices & systems hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information.
This position will be responsible for:
40% Perform security threat assessments, threat modelling, and configuration review to ensure platforms & environments are secure and compliant to developed standards and controls
15% Support vulnerability management and incident response activities for effective threat and appropriate risk mitigation
25% Research & Develop technical content & capabilities, such as white papers, reference architectures and new security solutions that can be used by our customers to assist them in securing the environment
20% Maintain accurate and relevant information security documentation including the development of secure coding policies, procedures and standards, modification of the Software Development Process, Threat Modeling
Accreditation, Certification, or Licenses: BS/MS degree in Computer, Engineering, or related technical field. Should have CISSP, GPEN, CEH, OSCP and vendor certifications
Training and Special Skills: Deep technical familiarity with application and public cloud infrastructure security workflows. The candidate should have technical experience with Windows, Linux, Network Security, container, and Kubernetes security best practices. Must have experience in virtualization (private cloud), public cloud, SAST, DAST, and security automation. The ideal candidate should have familiarity with broad technology controls such as SAML, Kerberos, DNS, Encryption, malware evasion tactics and penetration testing/ethical hacking. The candidate should be comfortable with Stakeholder communication, Firewalls & network security, EDR, systems hardening, Chef, Puppet, Ansible, Terraform
Experience: Typically requires 5-8 years’ experience. Technical Career Pathway (TCP) role. Supervisory: No.
Job ID 2128321 Date posted 07/19/2021