Principal Cybersecurity Attack Surface Mgmt - API Detective

Job Description:

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

Job Summary: The Attach Surface Management SME will play a critical role in identifying, managing, and mitigating risks associated with API technologies. This position requires deep expertise in API security, a strong understanding of attack surfaces, and the ability to develop and implement robust security strategies. The ideal candidate will have extensive experience in API management, security best practices, and a proactive approach to threat detection and response.

Key Responsibilities:

• Lead the development and implementation of API security strategies to protect against potential threats and vulnerabilities.
• Conduct thorough assessments of API attack surfaces and identify areas of risk.
• Discovery, identification, and attribution of APIs across multiple attack surfaces.
• Collaborate with development teams to ensure secure API design and implementation.
• Develop and enforce security policies, standards, and best practices for API management.
• Monitor and analyze API traffic to detect and respond to security incidents.
• Provide expert guidance on API security to internal and external stakeholders.
• Stay current with the latest trends, threats, and technologies in API security.
• Conduct training and awareness programs on API security for development and operations teams.
• Prepare and present detailed reports on API security posture and incident response activities.
• Work with AI technologies, including training Large Language Models (LLM) and utilizing Retrieval-Augmented Generation (RAG).

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A master's degree is preferred.
• Minimum of 8+ years of experience in cybersecurity, with a focus on API security and management.
• Strong knowledge of API security frameworks, standards, and best practices (e.g., OAuth, OpenID Connect, JWT).
• Proven experience in identifying and mitigating API security risks and vulnerabilities.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work effectively in a collaborative, fast-paced environment.
• Relevant certifications such as CISSP, CEH, or equivalent are highly desirable.
• Experience with OWASP Web Security Testing methods
• Experience working with Web Application Firewalls
• Development experience in Python, JavaScript, Bash Scripting, C/C+/C#, or GO desired.
• Experience with network scanning tools (Tenable, Nmap, Qualys, Rapid7).

Supervisory:

No.

Our Principal Cybersecurity earns between $141,300-$211,900 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:  

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

#LI-Onsite – Full-time office role-

 AT&T is leading the way to the future – for customers, businesses, and the industry. We're developing new technologies to make it easier for our customers to stay connected to their world. Together, we’ve built a premier integrated communications and entertainment company and an amazing place to work and grow. Team up with industry innovators every time you walk into work, creating the world you always imagined. Ready to #transformdigital with us?

Apply now!

Weekly Hours:

40

Time Type:

Regular

Location:

USA:NC:Charlotte / Research Dr - Dat:9139 Research Dr

Salary Range:

$141,300.00 - $211,900.00

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.