Lead Cybersecurity - Red Team Operator

Job Description:

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Join our dynamic Cyber Operations Red Team as a Lead Red Team Operator. In this role, you will participate in sophisticated Red Team exercises aimed at uncovering vulnerabilities across our networks, systems, applications, and processes. As an innovative thinker, you will go beyond standard vulnerability assessments, developing and utilizing unique tools and techniques to identify and exploit security gaps.

Your primary responsibilities will involve conducting comprehensive Red Team exercises to identify vulnerabilities in diverse environments such as cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks, and IoT devices and systems. You will design and develop custom tools and methodologies to enhance our security testing capabilities and employ creative tactics to uncover weaknesses, including poor user practices and weak security methods. Working collaboratively with other Red Team members and Security Analysts, you will identify and exploit security issues, characterize cyber-attack vectors, and discover related vulnerabilities, providing actionable recommendations for remediation.

In addition, you will be required to stay abreast of the latest vulnerabilities and exploit techniques, continuously adapting your tools and methodologies to address emerging threats and evolving security landscapes. Your role will also involve documenting and communicating security findings in both written and verbal formats, using your insights to inform management, drive security strategies, notify affected customers, and advise network operations and other business units on security issues and recommended solutions.

Responsibilities Include:

• Performing formal and informal targeted “Hunts” to identify vulnerabilities.
• Actively building and participating in Red Team exercises.
• Designing and creating new/custom Red Team tools and tests.
• Employing tactics to uncover security holes in user practices and procedures.
• Researching, documenting, and discussing security findings with relevant stakeholders.
• Providing feedback and verification as security issues are fixed.

Required Skills & Experience:

• 4+ years of experience in penetration testing and red team operations
• Deep understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate.
• Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits.
• Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.)
• Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator
• Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.)
• Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment.
• Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles
• Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting.  Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds.
• Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials.
• Highly self-motivated requiring little direction.
• Demonstrates creative/out-of-the-box thinking and good problem-solving skills.
• Demonstrates strong ethical behavior.

Desired Skills & Experience:

• Strong knowledge of an enterprise architecture
• Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols.
• Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Understanding of cloud-based architectures and highly distributed big data architectures
• Experience with application security testing tools, such as the Metasploit framework and Burp Suite
• One or more of these certifications
  • CEH: Certified Ethical Hacker
  • CPT: Certified Penetration Tester
  • CEPT: Certified Expert Penetration Tester
  • GPEN: GIAC Certified Penetration Tester
  • OSCP: Offensive Security Certified Professional

• BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities, and requirements. Duties, responsibilities, and requirements may change over time and according to business needs. 

Education:

Preferred Bachelors degree in Information Systems, Engineering, or Cyber Security.

Experience:

Typically requires 5-8 years of experience. Technical Career Pathway (TCP) role.

Supervisory:

No.

Our Lead Cybersecurity earns between $128,400.00-$192,600.00 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:  

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

#LI-Onsite – Full-time office role-

 AT&T is leading the way to the future – for customers, businesses, and the industry. We're developing new technologies to make it easier for our customers to stay connected to their world. Together, we’ve built a premier integrated communications and entertainment company and an amazing place to work and grow. Team up with industry innovators every time you walk into work, creating the world you always imagined. Ready to #transformdigital with us?

Apply now!

Weekly Hours:

40

Time Type:

Regular

Location:

USA:GA:Atlanta / 1277 Lenox Park Blvd Ne - Adm:1277 Lenox Park Blvd Ne

Salary Range:

$128,400.00 - $215,800.00

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.