Sr Specialist Cybersecurity - Control Testing

Job Description:

Role: Senior Specialist – Control Testing

About the Company:

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

About the Job:

The Control Testing & Reporting (CTR) team is part of Chief Security Office (CSO) and responsible for testing information technology and information security controls owned and operated by AT&T Technology Services (ATS), which includes CSO.  This Senior Specialist joins the CTR team to work and collaborate with our control owners, control operators and technology leadership to identify gaps in design and operating effectiveness of AT&T’s controls. 

The professional in this role will independently test IT General Controls (ITGC), Cloud security, Critical application security, and other information technology and information security controls necessary for regulatory compliance (e.g., SOX, PCI DSS).

Experience Level: 8+ years.

Location: Hyderabad / Bengaluru

Responsibilities Include:

• Working with CTR team leadership to understand the need for control testing, and support them with prioritizing & planning, annual test plan preparation activities.
• Independently executing complex engagements assigned from the annual testing plan or other discrete engagements (test script preparation, walkthroughs, issue identification, obtaining stakeholder agreement, documentation and reporting them to senior ATS stakeholders) within the expected timelines and quality parameters, while working closely with external auditors, and other internal stakeholders where necessary, for better efficiency.
• Providing analysis of complex information technology and security issues and provides clear articulation of risk to AT&T assets (devices, networks, applications & data), and customers. Also, supporting periodic articulation of risk to ATS’s objectives using the test results and open issues by the Reporting team.
• Mentoring and supporting junior team members with advice and training.
• Supporting the development of a Control Testing Methodology and other key components of Technology Risk Management Framework (TRMF) and tooling that are related to or impact control testing.

Required skills:

• Minimum 8 years’ experience in Technology Risk Management or Consulting or Assurance with at least 5 of those years in design or testing of controls in the areas of information technology and information security (SOX / ITGC / Critical application security / Cloud security)

• Strong understanding of regulatory requirements like SOX, PCIDSS etc.
• Strong documentation and effective articulation skills.

Desirable skills:

• Bachelor's degree in Computer Science, Mathematics, Information Systems, Engineering or Cyber Security.
• Prior experience with Telecom sector
• ISACA, ISC2 or other relevant certifications.

Additional information (if any): Need to be flexible to provide coverage in US morning hours.

Weekly Hours:

Time Type:

Location:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.