Principal Member of Technical Staff
Middletown, New Jersey
Job Description:
This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.
Overview
Cloud & Network Security Design Engineer
This position seeks a highly skilled candidate with profound expertise in network security, encompassing comprehensive knowledge of Layer 2 and Layer 3 routing and switching architectures. The ideal individual will possess deep experience in the design and development of Software-Defined Networking (SDN) and Network Functions Virtualization (NFV) platforms. A thorough understanding of contemporary cybersecurity trends, evolving threats, and state-of-the-art security technologies is essential to excel in this role.
Job Contribution
- As a Network Security Design Engineer, you will be entrusted with the architecture and design of robust, resilient Layer 2 and Layer 3 networks. You will leverage cutting-edge industry standards and best practices, including Access Control Lists (ACLs), Network Access Control and Authentication Mechanisms (NACAM), Zero Trust Network Access (ZTNA), advanced firewall implementations, and routing protocol hardening techniques. Your expertise will also extend to deploying encryption and authentication technologies such as MACsec and IPsec, implementing Unicast Reverse Path Forwarding (uRPF), mitigating Distributed Denial of Service (DDoS) attacks, enforcing route authentication protocols, and utilizing AI-driven threat detection and sophisticated mitigation strategies.
- Your role will involve meticulous evaluation of network routing designs to identify, analyze, and remediate vulnerabilities across AT&T’s diverse edge, core, and cloud network environments. This responsibility includes conducting comprehensive vulnerability assessments and collaborating closely with vendors to detect and address security weaknesses. You will employ a wide array of tools and methodologies across disaggregated hardware platforms operating on Cisco, Juniper, Arista, and DriveNet network operating systems.
- In addition, you will rigorously review vendor-issued Product Security Incident Response Team (PSIRT) announcements to ensure that AT&T’s networks remain protected against pertinent vulnerabilities. Proactive development and implementation of security strategies during the early stages of the design lifecycle will be critical to safeguarding all hardware platforms. Moreover, you will be expected to respond promptly to security incidents and alerts, working in close partnership with AT&T’s Chief Security Office, certification engineers, and Operations teams to uphold and enforce security best practices in both labs and production environments.
Key Roles and Responsibilities
- Design and develop AT&T Cloud Infrastructure tactical and strategic solutions to host critical business services, ensuring robust security by adhering to industry standards and best practices in cybersecurity.
- Perform new technology validation and prototyping of merchant silicon chip-set capabilities, disaggregated network hardware, Network Operating Systems (NOS), and physical and virtual compute infrastructure components within a secure proof of concept (POC) environment, evaluating security implications and hardening requirements.
- Collaborate with cross-functional teams—including architects, designers, certification, operations, integration, planning, site engineering, and automation—in a DevOps mode to deliver scalable, resilient, repeatable, and cost-effective designs that integrate comprehensive security controls to address complex networking and threat mitigation challenges.
- Leverage industry trends in SDN/NFV network automation, programming, and database modeling to develop zero-touch provisioning and automation ecosystems with embedded security policies, ensuring secure onboarding and lifecycle management of network resources.
- Deploy and manage virtualization environments based on Linux/KVM to host virtual networking functions (VNFs), incorporating security best practices such as secure configuration, isolation, and continuous monitoring to protect virtualized assets.
- Represent the group internally across AT&T to provide functional, technical, and security leadership, and externally to manage vendor relationships with a focus on maintaining high security standards and compliance.
- Collaborate with all project stakeholders and development teams to define complex, esoteric, and exigent requirements and solutions, ensuring that security considerations are integral to all phases of design, implementation, and operation.
- Demonstrate excellent communication and presentation skills, with the ability to work effectively with team members across various organizational levels to promote a culture of security awareness and proactive risk management.
- Perform or assist with additional tasks or projects as assigned by the Supervisor, including security assessments, incident response support, and continuous improvement initiatives related to infrastructure security.
Education
- Candidate shall have a Master’s degree in Computer/Electrical Engineering/Computer Science from an accredited university with minimum of 6 years of relevant experience, or a Bachelor's degree with minimum of 8 years of relevant experience.
Experience
- Solid hands-on experience with routing and switching protocols and network services, including BGP, ISIS, OSPF, MPLS, L3VPN, L2VPN, Traffic Engineering, Segment Routing, IP Multicast, QoS, VPN, EVPN, VXLAN, IPv4, IPv6, L2 Policing, DNS, and Load Balancer, with a strong focus on securing these protocols against common vulnerabilities and attacks.
- Deep knowledge of information security principles and practices, including threat modeling, vulnerability management, cryptography, identity management, and incident response, applied specifically to network and cloud infrastructures.
- In-depth knowledge of industry trends in disaggregated hardware, Network Operating Systems (NOS), and virtualization, with an emphasis on emerging security challenges and mitigation strategies in these domains.
- Ability to script and program using languages such as C++, Python, or Perl, with experience developing security automation scripts, custom monitoring tools, or integrating security functionalities into network automation workflows.
- Advanced knowledge and experience in programming physical and virtual traffic generators, and using network diagnostic and analyzer tools such as Agilent, Spirent, Ostinato, and TRex, with the capability to leverage these tools for security testing including vulnerability assessments and penetration testing.
- Hands-on experience with virtualization and container-based technologies—including hypervisors, Kubernetes, VMs, VNFs, Docker, and Jenkins—incorporating security best practices such as isolation, secure image management, and continuous security scanning.
- Strong domain knowledge and/or experience deploying virtual machines (VMs) in private and public cloud environments such as Azure and AWS, including implementing cloud-native security controls, identity and access management (IAM), and compliance frameworks.
Preferred Certifications
- The ideal candidate will hold advanced professional certifications such as CCIE Security, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Expert (GSE), or equivalent credentials. Alternatively, a CCIE/JNCIE Routing & Switching or ISP certification combined with a minimum of five years of hands-on network security experience will be highly regarded.
Our Principal Member of Technical Staff (Cloud & Network Security Design Engineer) earns between $180,200.00 - $270,400.00 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.
Joining our team comes with amazing perks and benefits:
- Medical/Dental/Vision coverage
- 401(k) plan
- Tuition reimbursement program
- Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
- Paid Parental Leave
- Paid Caregiver Leave
- Additional sick leave beyond what state and local law require may be available but is unprotected.
- Adoption Reimbursement
- Disability Benefits (short term and long term)
- Life and Accidental Death Insurance
- Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
- Employee Assistance Programs (EAP)
- Extensive employee wellness programs
- Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.
#LI-Onsite – Full-time office role-
AT&T is leading the way to the future – for customers, businesses, and the industry. We're developing new technologies to make it easier for our customers to stay connected to their world. Together, we’ve built a premier integrated communications and entertainment company and an amazing place to work and grow. Team up with industry innovators every time you walk into work, creating the world you always imagined. Ready to #transformdigital with us?
Apply now!
Weekly Hours:
40Time Type:
RegularLocation:
USA:NJ:Middletown / S Laurel Ave - Bldg A:200 S Laurel Ave Bldg ASalary Range:
$180,200.00 - $270,400.00It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
Job ID R-69033 Date posted 06/03/2025
Benefits
Your needs? Met. Your wants? Considered. Take a look at our comprehensive benefits.
- Paid Time Off
- Tuition Assistance
- Insurance Options
- Discounts
- Training & Development
Our hiring process
Apply Now
Confirm your qualifications align with the job requirements and submit your application.
Assessments
You may be required to complete one or more assessments, depending on the role.
Interview
Get ready to put your best foot forward! More than one interview may be necessary.
Conditional Job Offer
We’ll reach out to discuss a conditional job offer and the next steps to joining the team.
Background Check
Timing is important – complete the necessary actions to proceed with onboarding.
Welcome to the Team!
Congratulations! It’s time to experience #LifeAtATT.
Check your email (and SPAM) throughout the process for important messages and next steps.
Connect today
Didn’t find what you were looking for here? Sign up for our job alerts so we can connect and share the latest.