Lead-Cybersecurity at AT&T in Atlanta, Georgia

Job Description:

Overall Purpose: This career step requires mastery level experience. Responsible for cyber security areas across products, services, infrastructure, networks, and/or applications while providing protection for AT&T, our customers and our vendors/partners. Works with senior team members on various projects relating to the protection of devices, customers, assets, data, information technology, and networks. Supports innovation, strategic planning, technical proof of concepts, testing, lab work, and various other technical program management related tasks associated with the cyber security programs.

Key Roles and Responsibilities: Includes ideation, testing, proof of concept and support for various cyber related projects. Analysis, of complex security issues and the development and engineering activities to help mitigate risk. Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit AT&T's cyber security needs and that of our managed services teams. Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers. Applies measures to block malicious code and applications. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats, and enhance our mitigation techniques and technology solutions. Areas of work include, but are not limited to: Cyber Incident Response, cyber product testing, cyber risk & strategic analysis, cyber research, cyber awareness & training, cyber vulnerability detection & assessment, cyber intelligence & investigation, cyber networks & systems engineering, cyber security application testing, cyber digital forensics & forensics analysis, cyber software assurance, cyber business operations & support, cyber application development & testing, cyber operational support, cyber IoT planning & testing, cyber policy & requirements & standards.

The person in this position will consider strengths and weaknesses in our existing controls, become familiar with activities of threat actors, and consider or anticipate new attack vectors that we need to prepare for.  The entire IAM platform environment is potentially within scope to include things like infrastructure (e.g., cloud), application software, vendor relationships, operations functions, defensive controls, system administration, and user interfaces. 

The person will also participate in relevant peer, government, and industry groups to help share and learn about relevant issues and countermeasures.  The person will develop recommended countermeasure proposals, help coordinate business case development, coordinate activities across organizations, and coordinate implementation of technical and procedural solutions to protect AT&T and customer interests in the AT&T Identity and Access Management Platforms. 

This person will also help coordinate with testing activities and/or exercises to assure appropriate protections and responses are operating as expected throughout the life-cycle of the systems.  This person will be the primary point-of-contact for any security vulnerabilities and security incidents that are associated with the authentication platforms.  Finally, this person will help assure vulnerability patching and compliance activities are appropriately addressed.  There are many facets of this role, but they are in cooperation with engineering, software development, application operations, infrastructure, threat analysis, and other teams to aid in execution.

Training and Special Skills:  Minimum Bachler’s degree in technical and legal disciplines.  10+ years of experience in the area of fraud and security management and/or systems security engineering required.  Background in penetration testing/red teaming and/or active defense/blue teaming highly desired. Requires mastery level experience in the area of security and fraud process improvement within the corporation.      Familiarity with organizations relevant to insights, authorities, and implementation is helpful.  Familiarity with legal and policy mechanisms applicable to security and fraud are helpful.

Job Contribution: Acknowledged technical authority and internal thought leader on ATT technologies.

Education: Preferred Master’s degree in information systems, Engineering, Mathematics or Cyber Security or equivalent experience.

Experience: Typically requires 10+ years’ experience. Technical Career Pathway (TCP) role.

Supervisory: No.

Requirements:

1. Broad knowledge of cyber security topics including threat actors, counter measures, controls, and processes for business IT systems

2. Knowledge and preferably experience in operations of large business critical IT systems

3. Strong communications and relationship building skills for coordination with other teams to execute on needed plans and requirements

4. Software development and/or data analysis skills or at least experience

5. Possession or at least eligible for a US Security clearance