AT&T Cybersecurity Consulting is a division of AT&T (a Fortune Global Top 10 company).  AT&T is seeking an information security practitioner with technical experience for the position of a Senior Consultant located in the western US to be a part of a dynamic team of experienced security professionals with varied experiences.  Candidate must be skilled in security infrastructure engineering, design, testing of data protection and data security solutions, vulnerability and threat management, device configuration review, and secure architecture reviews, security operations, and network and/or application penetration testing.  Prior experience performing Red/Blue team exercises is preferred.  Prior experience leading and delivering complex initiatives and customer engagements across multiple stakeholder groups. AT&T Cybersecurity Consulting clients range from some of the largest companies in the world to small businesses requiring security consulting expertise.

Job Duties:
Key functions of this role will be to consult and deliver on network security and architecture trusted advisor engagements for our customers involving SASE readiness, strategy, architecture design, and implementation. An in-depth understanding of network segmentation and optimization, firewall migration/optimization, detailed assessment and the appropriate next-generation design recommendations.  Manual and automated configuration analysis for security weaknesses in firewalls, routers, switches, servers (Windows, Unix/Linux), IDS/IDP, Databases, and other platforms as well as VoIP infrastructures will also be required.  In addition, hands on network and/or web application penetration testing, wireless network penetration testing, and/or social engineering are preferred. Successful candidates will have demonstrated experience in network security consulting and will have an understanding of network-level risk assessments with the ability to write objective, detailed reports explaining security issues.  A background in Network Architecture, Engineering, or Computer Science is required. Technical knowledge and experience with security assessment tools such as Tenable Nessus, Nipper, AlgoSec Firewall Analyzer as well as scripting (Python, PHP, & Perl, PowerShell) will be given preference.  Successful candidates will also have extensive experience using penetration testing and exploitation frameworks/platforms such as Kali Linux, Cobalt Strike, Metasploit, Veil Framework and MITRE ATT&CK frameworks and others.

Requirements:
•    Bachelors degree in Computer Science or related fields, Masters Degree preferred
•    A minimum of eight years of Information Security consulting with mid to advanced level infrastructure and cloud security design experience required
•    Very good understanding of network security architecture design processes and documentation requirements for a large customer environment
•    Well-versed in SASE and core capabilities including ZTNA, SD-WAN, FWaaS, SWG, UEBA, CASB (working knowledge of recommended and optional capabilities of SASE is also preferred).
•    Knowledge of virtualization and cloud security
•    Working Knowledge of SDN, IAM, NAC, DLP, and SIEM 
•    Well-versed in Data Security (Encryption/Decryption, Identity Management, and Security/Network Analytics)
•    Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems
•    Knowledge of popular databases such as MSSQL, Oracle, and MySQL
•    Ability to write customized scripts using at least two of Perl, PHP, Python, PowerShell 
•    Must possess strong network device implementation/integration and troubleshooting skills 
•    Must be able to demonstrate in-depth expertise with multiple network device, cloud gateway and firewall platforms, including at least 3 of the following:
      •    Palo Alto Strata and Prisma
      •    Fortinet Fortgate, FortiGUARD, and FortiPROXY
      •    Cisco ASA (w/FirePower) & Firepower Threat Defense, TrustSec, Stealthwatch, and Umbrella
      •    Cisco IOS and NX-OS routers/switches
      •    Silver Peak

•    Must be a flexible team player, hard-working, and possess excellent communication and customer-facing skills
•    Must be self-directed, able to manage solo projects or participate as part of a larger team
•    Strong report writing and presentation skills and ability to explain complex security issues to customers in a formal presentation format required
•    Must be able to interact confidently with all levels of technical and management client teams
•    Leadership skills, being able to generate enthusiasm and commitment across multiple stakeholders within client organization
•    Security certifications such as CISSP, CISA, CISM, CEH, SANS GSEC, etc., are required and willingness to pursue further certification preferred.
•    Ability to travel 50%-75%, mostly within region, must possess drivers’ license

Technical Skills
•    Strong technical problem / resolution skills required
•    Knowledge and experience with technical network and host-based security required.
•    Mid to advanced level infrastructure or security design capabilities for environments that include 10 to 20 security devices, processes or applications across multi-cloud connected networks. 
•    Mid to advanced level knowledge of one or more of the following preferred: 
      •    SOC Operations & Management
      •    Security event monitoring
      •    Network segmentation design
      •    Network and/or application-level penetration testing 
      •    DevSecOps best practices and implementation

Additional Requirements
•    Knowledge and experience with risk and compliance assessments

Once you’re a part of the team, you’ll gain some amazing perks and benefits including paid-time off on top of paid holidays, medical/dental coverage, a 401(k) plan and tuition reimbursement. We also offer employee discounts on:

AT&T Wireless plans & features, including IOT and connected devices
AT&T internet & fiber
AT&T phone

Ready to close the deal on a career with AT&T? Apply today.

AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws