Principal - Cybersecurity - Cloud at AT&T Careers - AT&T Careers
Skip to Main Content

Make your next
big idea the
next big thing.

Principal - Cybersecurity - Cloud

New York, New York

Overview

Ready to redefine how people interact with the latest, coolest tech? On our User Experience (UX) team, your vision will drive cutting-edge ideas across our mobile products. Whether it’s apps, music, games or other services, this is your chance to shape millions of customer experiences.

  • Full-time
  • Level: All

Back to Job Navigation (Overview)

What makes someone successful in this position? Check out below to see if you have what it takes.

  • Creative 8
  • Collaborative 10
  • Enthusiastic 8
  • Curious 9
  • Problem-Solver 10
  • Understanding 9

Principal - Cybersecurity - Cloud

New York, New York

Title: Principal - Cyber Security - Cloud

A
highly skilled individual who is passionate about people, security, and
technology, has a proven track record and takes pride in delivering
high-quality solutions and enjoys learning, thrives in a dynamic work
environment, and excels in the soft skills required to effectively work with a
talented organization of IT and non-IT teams. As part of the AT&T CSO Team, you will support the Xandr Global Cybersecurity Program. The successful candidate
must demonstrate successful track record in bringing high-quality solutions
quickly, enjoy learning/applying new technologies, has the ability to build
relationships and influence change.
This position provides
advanced security for hybrid cloud environment including AWS, Azure and on-Prem

Responsibilities:

§Develop and influence security solutions that balance business
requirements, threat mitigation, and compliance requirements in an effort to
provide effective, efficient, and appropriate risk mitigation

§Research, evaluate, pilot and recommend new technologies for
potential implementation, and existing technology for continued efficacy

§Work with Xandr leadership team to monitor internal systems
supporting the information security program including Firewalls, UBA, SIEM/Log
management, EDR (and other endpoint security tools), encryption, PAM etc

  • Subject matter expertise on security
    requirements and controls for IaaS, PaaS and SaaS cloud environments

§Lead the roadmap, design and define the security architecture for
(hybrid and non-hybrid) cloud environments with a focus on AWS, Azure and other
IaaS using industry best practices and steer architecture blueprints to
standardized security design patterns across Applications, Platforms and
Infrastructure

§Lead
& perform cloud security assessments to ensure Xandr hybrid cloud
environments are secure and compliant to developed standards and controls

  • Develop
    technical content, such as white papers and reference architectures that
    can be used by our customers to assist them in deploying secure infrastructure
    solutions

§Support Risk Management, Compliance, Security Operations, and
global IT operations as a security SME

  • Consults and collaborates with various project team
    members and external personnel to monitor, manage, resolve incident,
    problem tickets, and make changes and ensure adherence to established
    change processes to meet enterprise requirements.

§Maintain
accurate and relevant information security documentation including the
development of secure coding policies, procedures and standards, modification
of the Software Development Process, Threat Modeling, and requirements for
architecture blueprints

  • Evaluate new application packages and tools,
    perform vulnerability research, and provide recommendations for solutions
  • Drive the integration of DevSecOps security
    automation tools (SAST, DAST, into the CI/CD pipeline and Software
    Composition Analysis)

Required Skills:

  • Ability to work in a multi-functional, fast paced,
    dynamic environment and collaborate with vendors, internal customers and
    partners.
  • Ability to evaluate and analyze people, technology and
    process implementations to realize potentials risks and security issues.

§Excellent
knowledge of core information security concepts, their applicability, and
ability to analyze business impact and develop supporting security
architectures for various security domains (data protection, application,
access management, encryption)

  • Expertise in designing, implementing scalable distributed
    solution architectures for large global enterprise including hypervisor technologies
    such as KVM, Xen and ESXi
  • Intermediate knowledge about networking
    technology, design and concepts such as segmentation, dynamic/static
    routing, switching, MPLS etc
  • Familiarity with technologies such as SAML,
    OAuth, WAF, RASP, PAM, IAM, AD, TACACS+, Radius, 802.1x, Linux, Windows,
    VMware

§Deep knowledge of modern vulnerability threats including
threat intelligence, discovery, mitigation controls, remediation, and root
cause analysis

  • Experience with AWS and/or Azure security services, Identity
    Access Management (IAM), Role & Policy, Key Management Services (KMS),
    Audit Logging, Encryption and Segmentation
  • Familiarity with cloud vulnerability/threat
    detection, remediation and IDS/IPS & WAF optimization
  • Familiarity with security technologies such
    as Access Control technologies, Forward/reverse proxy, Encryption &
    Key Management, WAF, EDR, Vulnerability detection, Directory Services, SSO
    and infrastructure hardening
  • Deep expertise with one or more of the IaaS
    technologies such as AWS, Azure, or GCP
  • Familiarity with code review, application &
    infrastructure testing and vulnerability management process
  • Expertise with automation and container technologies
    such as Docker, Kubernetes
  • Familiar with network analysis tools (Wireshark,
    tcpdump, etc)
  • Familiarity with IPAM, Network Taps, Load Balancers,
    ACLs and ACI/SDN
  • Familiarity with creating scripts using Bash,
    PowerShell or Python

Additional requirements:

  • BS in Computer Science or a related technical field or
    equivalent experience
  • 5+ years of hands-on experience leading a comprehensive
    security program (vulnerability management, vendor security, etc.)
  • Must be available to work
    weekends and after hours when needed or be on call at certain times as
    needed
  • Ability to
    prioritize workload, meet deadlines, manage multiple complex global
    projects simultaneously
  • Excellent
    documentation and communications skill to explain complex technical issues
    to technical and non-technical stakeholders
  • Experience
    collaborating with various stakeholders at different levels

§Ability to work with
minimal supervision

Certifications:

·CISSP, CCSP, GPEN/CEH, CISA

·AWS and/or Azure Certification, Openstack

·MCSE, RHCA, Linux+, TOGAF, COBIT



Job ID 2001739
Date posted 01/13/2020

Applicant Experience

Want to know what to expect? Here’s a breakdown of the typical application process.

  • Check your status regularly. Timing varies, so log in to see where we are.
  • Be ready to bring your laptop to show your portfolio – and have answers prepared regarding how you approached your projects, the tools you used and your personal experiences with them.
  • In-person interviews are typically 3-4 hours with UX peers.
  • 30-minute phone interview with recruiter

  • 30-minute phone interview with hiring manager

  • Potential second round in-person interviews

  • Conditional job offer

  • Drug screening and background check

  • Congratulations and welcome to AT&T!

Great Company

Pros

Great benefits, PTO, salary, and potential bonus opportunities.

Cons

New community to the company so there are some pains as we grow.

Current Employee - Senior User Experience Designer
  • One Star Rating
  • Two Star Rating
  • Three Star Rating
  • Four Star Rating
Glassdoor

LifeAtATT

This is the life – the #LifeAtATT, that is. We’re creating what’s next and having a blast doing it. You’re looking for proof? Well, see for yourself.

Back to top