Senior - Cybersecurity Incident & Threat Management at AT&T Careers - AT&T Careers
Skip to Main Content

Make your next
big idea the
next big thing.

Senior - Cybersecurity Incident & Threat Management

New York, New York


Ready to redefine how people interact with the latest, coolest tech? On our User Experience (UX) team, your vision will drive cutting-edge ideas across our mobile products. Whether it’s apps, music, games or other services, this is your chance to shape millions of customer experiences.

  • Full-time
  • Level: All

Back to Job Navigation (Overview)

What makes someone successful in this position? Check out below to see if you have what it takes.

  • Creative 8
  • Collaborative 10
  • Enthusiastic 8
  • Curious 9
  • Problem-Solver 10
  • Understanding 9

Senior - Cybersecurity Incident & Threat Management

New York, New York

Title: Senior - CyberSecurity Incident & Threat

A highly skilled individual who is
passionate about people, security, and technology, has a proven track record
and takes pride in delivering high-quality solutions and enjoys learning, thrives
in a dynamic work environment, and excels in the soft skills required to
effectively work with a talented organization of IT and non-IT teams. As part of the AT&T CSO Team, you will support the Xandr Global Cybersecurity Program.  The
successful candidate must demonstrate successful track record in bringing
high-quality solutions quickly, enjoy learning/applying new technologies, has
the ability to build relationships and influence change.
This position provides advanced
security monitoring, incident response, threat intelligence, analysis and countermeasures.


§Develop and influence security
solutions that balance business requirements, threat mitigation, and compliance
requirements in an effort to provide effective, efficient, and appropriate risk

§Build, maintain and assist with
proactive monitoring, identification, analysis, mitigation, remediation, and
proactive hunting of cyber threats

§Develop &
build methodology, and work on developing and maturing threat hunting program focusing
on detecting anomalies and gaps in the security posture

§Proactively gain
insight into various attack vectors and develop actionable information in the
form of technical indicators, signatures, warnings or reports

§Leads discoveries or determines
new attacker techniques and perform threat hunting within the environment to
detect or discover malicious activity.

§Assist with incident response
investigations (eg: unauthorized access, non-compliance, fraud, exploitation, C&C,
privilege escalation etc.) to determine cybersecurity breaches, and remediation

forensics analysis on malware, network traffic, as well as new indicators to
detect prior compromise and potential impact.

§Research, evaluate, pilot and
recommend new technologies for potential implementation, and existing
technology for continued efficacy

§Develops and leads threat
intelligence briefings, threat evaluation studies and work closely with
stakeholders to enable the implementation of strategic recommendations.

§Work with Xandr and ATT leadership
team to monitor internal systems supporting the information security program
including Firewalls, UBA, SIEM/Log management, EDR (and other endpoint security
tools), encryption, PAM etc

§Support Risk Management, Compliance, Security Operations, and
global IT operations as a security SME

  • Consults and collaborates with various project team
    members and external personnel to monitor, manage, resolve incident,
    problem tickets, and make adjustmests as needed.
  • Provide
    recommendation on best practices on to whitelist / blacklist malicious IP
    addresses and sink-holing of malicious communications.

Required Skills:

  • Ability to work in a multi-functional, fast paced,
    dynamic environment and collaborate with vendors, internal customers and
  • Ability to evaluate and analyze people, technology and
    process implementations to realize potentials risks and security issues.

knowledge of core information security concepts, their applicability, and
ability to analyze business impact and develop supporting security
architectures for various security domains (data protection, application,
access management, encryption)

  • Familiarity with technologies such as SAML,
    OAuth, WAF, RASP, PAM, IAM, AD, TACACS+, Radius, 802.1x, Linux, Windows,
    VMware including networking technology and database technologies

§Deep knowledge of modern vulnerability threats including
threat intelligence, discovery, mitigation controls, remediation, and root
cause analysis

  • Familiarity with security technologies such
    as Access Control technologies, Forward/reverse proxy, Encryption &
    Key Management, WAF, EDR, DLP, Intrusion detection, Vulnerability detection,
    Directory Services, SSO and infrastructure hardening
  • Expertise with Unix, Linux, Windows, Mac and cloud
    environment such AWS, Azure and GCP

with automation and demonstrated experience with s
SIEM technologies, including
administration and analyst operation of SIEM within SOC functionality

  • Deep experience with syslog, Splunk technologies and various
    event logging system including cloud (Iaas, Paas and SaaS) environments
  • Familiar with network analysis tools (Wireshark, tcpdump,
  • Familiarity with creating scripts using Bash, PowerShell and Python

Additional requirements:

  • BS in Computer Science or a related technical field or
    equivalent experience
  • 7+ years of hands-on experience leading a comprehensive
    security program including 3+ years in a SOC environment
  • Experience with forensics tools such as Encase, FTK and
  • Experience with Mitre ATT&CK framework and EDR solutions
    and understanding of cybersecurity exploits and potential attack vectors
  • Must be available to work weekends
    and after hours when needed or be on call at certain times as needed
  • Excellent
    documentation and communications skill to explain complex technical issues
    to technical and non-technical stakeholders
  • Experience in collaborating
    with various stakeholders at different levels

§Ability to work with
minimal supervision



Job ID 2001742
Date posted 01/13/2020

Applicant Experience

Want to know what to expect? Here’s a breakdown of the typical application process.

  • Check your status regularly. Timing varies, so log in to see where we are.
  • Be ready to bring your laptop to show your portfolio – and have answers prepared regarding how you approached your projects, the tools you used and your personal experiences with them.
  • In-person interviews are typically 3-4 hours with UX peers.
  • 30-minute phone interview with recruiter

  • 30-minute phone interview with hiring manager

  • Potential second round in-person interviews

  • Conditional job offer

  • Drug screening and background check

  • Congratulations and welcome to AT&T!

Great Company


Great benefits, PTO, salary, and potential bonus opportunities.


New community to the company so there are some pains as we grow.

Current Employee - Senior User Experience Designer
  • One Star Rating
  • Two Star Rating
  • Three Star Rating
  • Four Star Rating


This is the life – the #LifeAtATT, that is. We’re creating what’s next and having a blast doing it. You’re looking for proof? Well, see for yourself.

Back to top