National Labor Exchange Veterans Jobs

nlx logo

Search Jobs from Veteran Friendly Employers

Job Information

AT&T Senior-Technology Security in Middletown, New Jersey

Overall

Purpose: This career step requires senior level experience. Responsible for

review and analysis of security requirements, works with senior team members to

develop integrated plans to protect corporate assets and information

technology, and administers security systems to support daily security

operations.

Key

Roles and Responsibilities: Includes researching, recommending, documenting,

and coordinating implementation of changes to policies, procedures, facilities,

and systems to enhance security as well as developing and delivering corporate

security awareness training for users and technical security training for

system administrators. Facilitates compliance with company security policies,

practices and legal requirements. May provide support to non-management

employees, including coaching, on-the-job and formal training, reference

materials, procedures and system documentation. Provides information to

management regarding the negative impact on the business caused by theft,

destruction, alteration or denial of access to information. May interface with

other stakeholders including vendors, application development and technical

support staff, and clients. May provide inventory and asset management

resources to security operation, including administrative supplies, security

specific resources such as SecurID cards or cryptographic key management, and

specialized security software.

The candidate will work as a member of the AT&T Chief Security

Office, Threat Analytics Expansion Program, as a data threat analyst, on a

project that analyzes event data for security relevant events using a variety

of network-data processing platforms. The candidate will work in a

collaborative manner with other analysts to identify, characterize, provide

recommendations for remediation, and define analytical methods to automate the

analysis. The candidate will perform ad-hoc analytical processing on a variety

of network data feeds, system processed data derivatives (metadata), automated

system alerts, and open source information. This will require collaboration

with other analysts, as well as collaboration with outside organizations. The

analyst will require knowledge in some of the newest areas of security

including Cloud technology, Big Data environments, Mobility, and Advanced

Persistent Threats. Some aspects of the analysis may require use of deep packet

inspection packet analysis. The candidate will be responsible for

reporting findings in written and verbal form. Results of analysis will

be used to inform management, notify affected customers, advise network operations,

and advise network engineering on security issues as well as recommended

remediation and solutions. The candidate will also work with researchers

to help define algorithms for automation of ad-hoc analysis methods and will

work with the analysis platform engineering and development team to help define

automated processing reports and alerts for automation of ad-hoc processes.

Required

Skills: Deep Understanding of

Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices,

security mechanisms and how they operate.

  • Deep Understanding of network security threats including APT, botnets,

Distributed Denial of Service (DDoS) attacks, worms, and network exploits.

  • Vast Experience with network probing/testing/analysis tools (Nessus, nmap,

burp, wireshark, etc.)

  • Technical knowledge of Windows, UNIX and Linux operating systems as both an

user and system administrator

  • Programming skills that will be used to construct, modify, and execute

testing tools including shell(ksh, bash), [g]awk, Python, PERL, regex, .NET

Programming, Java, C, C++, C#, Powershell, curl, Web application development

(PHP, ASP.NET, etc.)

  • Industry Knowledge of software security testing principles, practices, and

tools, experience of vulnerability assessments in a complex environment.

  • Experience with Malware (including reverse engineering) and with internal and

external attacks.

  • Experience or familiarity with vulnerability analysis, computer forensics

tools, cryptography principles

  • Excellent team work skills for collaboration on analysis techniques,

implementation, and reporting. Must be able to work both independently as

well as effectively work in teams of individuals with a variety of skills and

backgrounds.

  • Excellent written and verbal communication skills, and have demonstrated

ability to present material to senior officials.

  • Highly self-motivated requiring little direction.

  • Demonstrates creative/out-of-the-box thinking and good problem solving

skills.

  • Demonstrates strong ethical behavior.

Desired Skills:

  • Experience with database management software (Oracle, MongoDB, MySQL, DB2,

etc.)

  • Ability to obtain a strong and ongoing understanding of the technical details

involved in current APT threats and exploits involving various operating

systems, applications and networking protocols.

  • Knowledge of tactics, techniques, and procedures associated with malicious

insider activity, organized crime/fraud groups and both state and non-state

sponsored threat actors.

  • Understanding of cloud-based architectures and highly distributed big data

architectures

  • Understanding of mobile android and iOS environments and app development

  • Experience with application security testing tools, such as Qualys Web App

Security, IBM AppScan, HP WebInspect, HP Fortify, Metasploit framework

  • Knowledge of security frameworks (ISO 27001/27002, NIST, HIPPA, SOX, etc.)

Job

Contribution: Senior level technical expertise. Deep technical knowledge and

subject matter expert on ATT technologies.

Education:

Bachelors of Science degree in the field of Computers, Engineering, or

Mathematics preferred.

Experience: Typically requires 5- 8 years experience.

Technical Career Pathway (TCP) role.

Supervisory:

No.

Environmental

Requirements: This position may be responsible for contributing to AT&T's

compliance with environmental laws and regulations as applicable to its job

function. This may include, but is not limited to, work related to fuel tanks,

emergency and stand-by generators, boilers, hazardous waste, hazardous

materials, batteries, manholes and vaults, water wells, linear and other

construction projects, water discharge, or air emissions.

Principal Functional Skills / Competencies associated with this Title:

  • Business Orientation

  • Cloud Computing

  • Encryption Technologies

  • Endpoint Security

  • Finance and Accounting

  • Identity and Access Management

  • Information Security Architecture

  • Information Security Management

  • Investigative Information Security Technologies

  • IT Service Continuity Management

  • Network and Internet Security

  • Process Management

  • Project Management

  • Quality Management

  • Risk Assessment

  • Risk Management

  • Software Security Assurance

  • Solutions Development

  • Technical Excellence

  • Technology Advising

Note: Additional skills / competencies may be added to this specific requisition. During the application process, you will be asked to provide your proficiency and experience with all the skills / competencies associated with the requisition.

Click here to view this job description in Career Intelligence. at http://careerintelligence.web.att.com/cip/view/main.html#/jobProfile/49090208

Job Code - 49090208

DirectEmployers