Job Description:
Overall Purpose: This career step requires senior level experience. Responsible for cyber security areas across products, services, infrastructure, networks, and/or applications while providing protection for AT&T, our customers and our vendors/partners. Works with senior team members on various projects relating to the protection of devices, customers, assets, data, information technology, and networks. Supports innovation, strategic planning, technical proof of concepts, testing, lab work, and various other technical program management related tasks associated with the cyber security programs.
Key Roles and Responsibilities: Includes ideation, testing, proof of concept and support for various cyber related projects. Analysis, of complex security issues and the development and engineering activities to help mitigate risk. Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit AT&T's cyber security needs and that of our managed services teams. Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers. Applies measures to block malicious code and applications. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats, and enhance our mitigation techniques and technology solutions.
Areas of work include, but are not limited to: Cyber Incident Response, cyber product testing, cyber risk & strategic analysis, cyber research, cyber awareness & training, cyber vulnerability detection & assessment, cyber intelligence & investigation, cyber networks & systems engineering, cyber security application testing, cyber digital forensics & forensics analysis, cyber software assurance, cyber business operations & support, cyber application development & testing, cyber operational support, cyber IoT planning & testing, cyber policy & requirements & standards.
Position Summary:
This position's primary focus will be setup, configuration, and
post installation support of complex encryption systems for data at rest and
data in transit.Solutions will
encompass a wide variety of AT&T encryption solutions and will leverage
existing documentation, process, and procedures for successful execution of
this job function.This position will
also require diligence and focus on general security “Best Practices” during
work to ensure that non-compliant ASPR solutions are not in use or planned for
use.
Principal Responsibilities:
85% - Configuration, setup, and maintenance of complex encryption systems
The SCS will work with 3rd party vendors and peer business units in the installation, configuration, setup, and maintenance of encryption solutions for AT&T applications.Proper setup and configuration and post install support is complex and mandatory for success of the encryption solution.If security gaps or vulnerabilities are identified, they must be presented to Encryption Team leadership for analysis and assessment.Clear and effective communication is mandatory.The individual may also be called upon to assist in incident response involving exploits against AT&T’s products and services.
15% - Analysis
Perform high level and detailed analysis of key management and data protection services, encryption tactics/standards, and detailed knowledge of Cloud Architectures.Hands-on experience designing/architecting and usage of Cloud Storage is highly desired.
The SCS will conduct or work with others to perform intrusive encryption system installation, testing, and configuration with AT&T Network Elements (storage array’s, NFS storage, SMB storage, etc.).They will develop and execute security test plans against high profile products and services associated with AT&T application systems, insuring proper system operation following integration with an encryption solution. They must be familiar with device/OS platform security components, vulnerability assessment tools and methods for vulnerability mitigation/resolution.
·
Training and Special Skills:
·Required
·BS in EE, Computer Science, Systems Engineering, Mathematics or equivalent degree
·Understanding of Cryptographic System concepts and technologies
·Knowledge or experience in software system network architecture, design, and operations
·Experience with Key Management Systems
·Experience with HSM’s (Thales and SafeNet preferred)
·Windows Server, Windows Desktop (Win7, Win10), Unix/Linux
·Unix/Linux Shell Scripting Skills
·Windows/DOS Batch Scripting/PowerShell
·Experience using troubleshooting tools such as Wireshark, SysInternals toolsets, Procmon, etc.; using these tools to troubleshoot, diagnosis, and study system behavior.
·Strong written and verbal communication skills are a must
·Experience and Understanding of Cloud Storage Systems and their architectures (e.g., IaaS, SaaS, PaaS, DaaS)
·Strong analytical skills
·Ability to understand and troubleshoot test security solutions
·Experience with problem determination, resolution, root cause analysis
·Desired
·Proficient Microsoft Office experience including Visio or other diagramming / documenting tool
·Familiarity with any of the following program languages to assist in assessment of application security architectures is a plus: Java, C/C++, Objective C, C Sharp, HTML5, .NET, IIS Web Server, SQL Server, Oracle VB, Unix Scripts, Perl, XML or UML
·Knowledge of PKI and PKI Best Practices
·Understanding and knowledge of PCI (Payment Card Industry) Standards
·Understanding and knowledge of HIPPA (Health Insurance Portability and Accountability Act)
·Understanding and knowledge of FIPS and NIST Requirements w/regard to Encryption
·Thorough understanding of cryptographic algorithms, digital certificates, and certificate authority infrastructures.
·Understand cryptography keys;Key creation, key exchange, key use, key storage, key size requirements, and key recovery
·Desired Certifications (not required)
·Certified Information Systems Security Professional, CISSP
·Certificate of Cloud Security Knowedge, CCSK
Job Contribution: Senior level technical expertise. Deep technical knowledge and subject matter expert on ATT technologies.
Education: Preferred bachelor’s degree in information systems, Engineering, Mathematics or Cyber Security or equivalent experience.
Experience: Typically requires 5-8 years’ experience. Technical Career Pathway (TCP) role.
Supervisory: No.
Required
·BS in EE, Computer Science, Systems Engineering, Mathematics or equivalent degree
·Understanding of Cryptographic System concepts and technologies
·Knowledge or experience in software system network architecture, design, and operations
·Experience with Key Management Systems
·Experience with HSM’s (Thales and SafeNet preferred)
·Windows Server, Windows Desktop (Win7, Win10), Unix/Linux
·Unix/Linux Shell Scripting Skills
·Windows/DOS Batch Scripting/PowerShell
·Experience using troubleshooting tools such as Wireshark, SysInternals toolsets, Procmon, etc.; using these tools to troubleshoot, diagnosis, and study system behavior.
·Strong written and verbal communication skills are a must
·Experience and Understanding of Cloud Storage Systems and their architectures (e.g., IaaS, SaaS, PaaS, DaaS)
·Strong analytical skills
·Ability to understand and troubleshoot test security solutions
·Experience with problem determination, resolution, root cause analysis
Experience: Typically requires 5-8 years’ experience. Technical Career Pathway (TCP) role.
Supervisory: No.
More jobs in St Louis, Missouri
|
3M Healthcare US Opco LLC |
|
Liquid Env Solutions of Texas |
|
AT&T |