AT&T Senior-Technology Security in Middletown, New Jersey
Purpose: This career step requires senior level experience. Responsible for
review and analysis of security requirements, works with senior team members to
develop integrated plans to protect corporate assets and information
technology, and administers security systems to support daily security
Roles and Responsibilities: Includes researching, recommending, documenting,
and coordinating implementation of changes to policies, procedures, facilities,
and systems to enhance security as well as developing and delivering corporate
security awareness training for users and technical security training for
system administrators. Facilitates compliance with company security policies,
practices and legal requirements. May provide support to non-management
employees, including coaching, on-the-job and formal training, reference
materials, procedures and system documentation. Provides information to
management regarding the negative impact on the business caused by theft,
destruction, alteration or denial of access to information. May interface with
other stakeholders including vendors, application development and technical
support staff, and clients. May provide inventory and asset management
resources to security operation, including administrative supplies, security
specific resources such as SecurID cards or cryptographic key management, and
specialized security software.
The candidate will work as a member of the AT&T Chief Security
Office, Threat Analytics Expansion Program, as a data threat analyst, on a
project that analyzes event data for security relevant events using a variety
of network-data processing platforms. The candidate will work in a
collaborative manner with other analysts to identify, characterize, provide
recommendations for remediation, and define analytical methods to automate the
analysis. The candidate will perform ad-hoc analytical processing on a variety
of network data feeds, system processed data derivatives (metadata), automated
system alerts, and open source information. This will require collaboration
with other analysts, as well as collaboration with outside organizations. The
analyst will require knowledge in some of the newest areas of security
including Cloud technology, Big Data environments, Mobility, and Advanced
Persistent Threats. Some aspects of the analysis may require use of deep packet
inspection packet analysis. The candidate will be responsible for
reporting findings in written and verbal form. Results of analysis will
be used to inform management, notify affected customers, advise network operations,
and advise network engineering on security issues as well as recommended
remediation and solutions. The candidate will also work with researchers
to help define algorithms for automation of ad-hoc analysis methods and will
work with the analysis platform engineering and development team to help define
automated processing reports and alerts for automation of ad-hoc processes.
Skills: Deep Understanding of
Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices,
security mechanisms and how they operate.
- Deep Understanding of network security threats including APT, botnets,
Distributed Denial of Service (DDoS) attacks, worms, and network exploits.
- Vast Experience with network probing/testing/analysis tools (Nessus, nmap,
burp, wireshark, etc.)
- Technical knowledge of Windows, UNIX and Linux operating systems as both an
user and system administrator
- Programming skills that will be used to construct, modify, and execute
testing tools including shell(ksh, bash), [g]awk, Python, PERL, regex, .NET
Programming, Java, C, C++, C#, Powershell, curl, Web application development
(PHP, ASP.NET, etc.)
- Industry Knowledge of software security testing principles, practices, and
tools, experience of vulnerability assessments in a complex environment.
- Experience with Malware (including reverse engineering) and with internal and
- Experience or familiarity with vulnerability analysis, computer forensics
tools, cryptography principles
- Excellent team work skills for collaboration on analysis techniques,
implementation, and reporting. Must be able to work both independently as
well as effectively work in teams of individuals with a variety of skills and
- Excellent written and verbal communication skills, and have demonstrated
ability to present material to senior officials.
Highly self-motivated requiring little direction.
Demonstrates creative/out-of-the-box thinking and good problem solving
- Demonstrates strong ethical behavior.
- Experience with database management software (Oracle, MongoDB, MySQL, DB2,
- Ability to obtain a strong and ongoing understanding of the technical details
involved in current APT threats and exploits involving various operating
systems, applications and networking protocols.
- Knowledge of tactics, techniques, and procedures associated with malicious
insider activity, organized crime/fraud groups and both state and non-state
sponsored threat actors.
- Understanding of cloud-based architectures and highly distributed big data
Understanding of mobile android and iOS environments and app development
Experience with application security testing tools, such as Qualys Web App
Security, IBM AppScan, HP WebInspect, HP Fortify, Metasploit framework
- Knowledge of security frameworks (ISO 27001/27002, NIST, HIPPA, SOX, etc.)
Contribution: Senior level technical expertise. Deep technical knowledge and
subject matter expert on ATT technologies.
Bachelors of Science degree in the field of Computers, Engineering, or
Experience: Typically requires 5- 8 years experience.
Technical Career Pathway (TCP) role.
Requirements: This position may be responsible for contributing to AT&T's
compliance with environmental laws and regulations as applicable to its job
function. This may include, but is not limited to, work related to fuel tanks,
emergency and stand-by generators, boilers, hazardous waste, hazardous
materials, batteries, manholes and vaults, water wells, linear and other
construction projects, water discharge, or air emissions.
Principal Functional Skills / Competencies associated with this Title:
Finance and Accounting
Identity and Access Management
Information Security Architecture
Information Security Management
Investigative Information Security Technologies
IT Service Continuity Management
Network and Internet Security
Software Security Assurance
Note: Additional skills / competencies may be added to this specific requisition. During the application process, you will be asked to provide your proficiency and experience with all the skills / competencies associated with the requisition.
Click here to view this job description in Career Intelligence. at http://careerintelligence.web.att.com/cip/view/main.html#/jobProfile/49090208
Job Code - 49090208
- AT&T Jobs