Sr Specialist System Engineering - Security Engineer

Job Description:

About the Job:

As a Specialist Cybersecurity and Member of Technical Staff in the Mobility Core Architecture and Network Services (MCANS) organization, this role is responsible for cybersecurity for AT&T Mobility & Voice Core Platform infrastructure, applications, and networks. Work as a team-member with Cloud/Application Architects, Network Engineers, and QA & Test roles including cross-functional teams in the Chief Security Office and Operations to achieve best-in-class security.  Specifically, this role is responsible for proactively identify security risks, propose remediation options, provide recurring data insights that represent the platform security posture, advance the team DevOps methods that improves security through design, testing, and predictive data insights.

Key Roles and Responsibilities:

• Contribute to ideation, testing, proof of concept and support for various cyber related projects.
• Analysis of complex security issues and the development and engineering activities to help mitigate risk.
• Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers.
• Applies measures to block malicious code and applications.
• Includes forward looking research, planning and strategy to strengthen our stance against future cybersecurity threats and enhance our mitigation techniques and technology solutions.
• Areas of work in this include, but are not limited to: Cyber Incident Response, cyber product testing, cyber risk & strategic analysis, cyber research, cyber awareness & training, cyber vulnerability detection & assessment, cyber intelligence & investigation, cyber networks & systems engineering, cybersecurity application testing, cyber digital forensics & forensics analysis, cyber software assurance, cyber application development & testing, cyber IoT planning & testing, cyber policy & requirements & standards.  
• Analyze various hardware, operating systems, and/or software solutions recommending purchases and identifying modifications to fit AT&T's cyber security needs and that of our managed services teams.

Day-to-Day Responsibilities

•    Provide cybersecurity oversight in AT&T’s Non-Production SDLC environments: Lead cybersecurity prevention and remediation across applications, platforms, and cloud infrastructure ensuring robust protection for the enterprise and customers.

•    Project Collaboration and Innovation: Partner with senior team members on projects aimed at advancing methods for security testing and predictive mitigation. Drive innovation by contributing to technical proof of concepts, testing, and lab work.

•    Effectively practice proactive threat Mapping and security analysis: Conduct threat mapping, threat modeling, and analysis of hardware, software, and operating systems to develop comprehensive cybersecurity test plans and risk analysis.

•    Investigate recurring internal CSO requirements and programs to educate the team: Stay on top of cutting-edge security technology, internal CSO standards, and best practices to ensure our security measures are always up-to-date and effective.  Learn and communicate advances made within the AT&T Chief Security Office to help the team evolve its practices.

•    Develop and publish security reporting that depicts the platform security health: Prepare detailed reports documenting security test findings, vulnerabilities, risks, and line of sight to remediation. Conduct risk assessments and provide actionable remediation recommendations.

•         Policy and Procedure Development: Develop and implement DevOps and lab policies and procedures to minimize network intrusions, configuration security defects, and vulnerabilities

•    Vulnerability Lifecycle Management: Manage the cybersecurity vulnerability lifecycle, working with development and other teams to report, track, and lead remediation efforts across the SDLC

•   Assist with forward-looking research and tactics: Conduct forward-looking research and techniques to strengthen our defenses against future cybersecurity threats. Enhance mitigation techniques and technology solutions in areas such as Cyber Incident Response, cyber product testing, vulnerability reporting, cyber risk analysis, cyber research, cyber awareness and training, cyber vulnerability detection and assessment, cyber intelligence and investigation, cyber networks and systems engineering, cyber security application testing, cyber digital forensics, cyber software assurance, cyber application

Qualifications

• 8+ years as in Security Engineering, Security Analysis, and/or DevSecOps/System Administration
• Bachelor degree in Information Systems, Computer Science, Engineering, or Cyber Security.
• Familiarity with the OWASP Top 10 and other security concerns for web applications
• Understanding of OWASP Application Security Verification Standards (ASVS)
• Understanding of security concepts such as software vulnerabilities, encryption, logging, firewall, SSL, TLS, key vault, security group, container registry, stateful firewall, WAF, NAT, access-list, perimeter security, identity, and access management Skilled in understanding vulnerabilities, assessment of the risk, and the impact on the software, image, VM, Kubernetes clusters, and cloud platforms
• Web Application Security: Knowledge of web application security concepts, common vulnerabilities (e.g., OWASP Top 10), and techniques for testing web applications, including manual testing and using automated scanners like Burp Suite or OWASP ZAP
• Understanding of Vulnerability Concepts:  
  • Definition of Vulnerability: A vulnerability is a weakness or flaw in a system, network, application, or process that could be exploited by threat actors to compromise the confidentiality, integrity, or availability of data or resources
  • Vulnerability Classification: Vulnerabilities can manifest in various forms, including software bugs, misconfigurations, design flaws, human errors, and inadequate security controls. Common types of vulnerabilities include buffer overflows, SQL injection, cross-site scripting (XSS), authentication bypass, and insecure direct object references
  • Common Vulnerability Scoring System (CVSS): CVSS is a standardized framework for assessing the severity and impact of vulnerabilities. It provides a numerical score based on factors such as exploitability, impact, and remediation level to help prioritize and manage vulnerabilities effectively.
  • Zero-Day Vulnerabilities: Zero-day vulnerabilities are vulnerabilities that actively exploit applications by threat actors before a patch or mitigation is available from the vendor. These vulnerabilities pose a significant risk because organizations have no advance notice or protection against them.
  • Business Impact:  Evaluating the potential consequences of disruptions to critical business operations, helping organizations understand the financial, operational, and reputational impacts of such events.
  • Exploitability:  Evaluating the feasibility and potential impact of exploiting vulnerabilities within systems or applications, aiding in determining the level of risk posed by these vulnerabilities and guiding prioritization of mitigation efforts
• Operating System Knowledge: In-depth understanding of various operating systems (e.g., Windows, Linux, Unix) and vulnerabilities.
• Networking Knowledge: Familiarity with networking protocols, services, and infrastructure components (e.g., TCP/IP, DNS, DHCP, firewalls, routers) to understand potential vulnerabilities in networked environments.
• Understanding of virtualization, containerization, and Infrastructure as Code (IaC) concepts Skilled in various cloud platforms. E.g. Microsoft Azure
• Experience with programming languages like Linux Shell, Python for data manipulation and analysis
• Working knowledge of Excel and/or PowerBI data visualization, Statistical prediction, and data aggregation for dashboards and security management insights
• Understanding of Docker, OpenStack, and Kubernetes Experienced Continuous Integration/Continuous Deployment (CI/CD) Familiarity with Azure and ADO concepts Administrator level expertise in Linux.
• Experienced in Ansible and Python scripting Experienced in YAML and JSON file types and their usage Basic familiarity of GO language and GIT.

#SoftwareEngineering

Weekly Hours:

Time Type:

Location:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.