דרושים Lead Cybersecurity - Full Stack Software Developer ב-Att ב-United States, Charlotte

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Position will support the critical threat analytics platform efforts of CSO. The position will fill a critical role in helping the threat platforms remain current with necessary data sources and alarms/algorithms required for threat analytics. The position fills a critical gap in cross platform technology innovation and security data coverage of the network perimeter and Enterprise assets contributing to security investigations and response activity.

Key Roles and Responsibilities:

-Conducts design and development work in the areas of new products/technologies, systems/platform architecture, hardware/software development engineering, technical security and QA Design/Certification.

-Work must primarily involve new and emerging technologies and technical architectures on projects with a status between inception and implementation/software maturity.

Job Contribution:

Expert level technical professional. Advisor on technical knowledge and AT&T technologies.

PhD in an approved field from an approved university with a minimum of 4 years of relevant experience or Masters in an approved field from an approved university with a minimum of 6 years of relevant experience or a Bachelors in an approved field from an approved university with a minimum of 8 years of relevant experience. Technical Career Pathway (TCP) role.

Our Principal Member of Technical Staff earns between $180,200.00-$270,400.00 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Salary Range:

AT&T is a fair chance employer and does not initiate a background check until an offer is made.

About the Job:

The Lead Cybersecurity is a development position, scope of work includes participating in scrum team ceremonies, reviewing, and approving software requirements, solutions, estimating LOE, writing code, testing & reviewing code before delivering completed assignments. Individual must prove competency with writing secure code, following clean code practices, as well as being proficient with use of developer tooling and platforms. In addition to writing code for assigned stories, this role includes prepare and provide necessary documentation and responses during audit processes, ,client and production tier 3 support tasks, assisting with trouble shooting issues and being available to quickly mitigate security issues (including prompt resolution of any bug bounty tickets, addressing exploits occurring in the application environments). This is an individual contributor position with no direct reports.

Key Roles and Responsibilities:

• Write code for IT systems involved with IAM and UAM solutions.

• Includes ideation, testing, proof of concept and support for various cyber related projects.

• Prepare and provide necessary documentation and responses during audit processes.

• Analysis, of complex security issues and the development and engineering activities to help mitigate risk.

• Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit AT&Ts cyber security needs and that of our managed services teams.

• Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers.

• Applies measures to block malicious code and applications. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats, and enhance our mitigation techniques and technology solutions.

Qualifications:

• Preferred Bachelors degree in Information Systems, Engineering, or Cyber Security.

• Requires 5-8 years of related experience.

• Requires knowledge of Java 17, Spring boot 3.x+, Spring JDBC Template, log4j, JUnit, Oracle DB, GITHUB, JFROG, JSON, Tomcat, Apache andAngular

• Strong scripting knowledge.

• Knowledge in implementing the File Integrity Monitoring (FIM) process, experience with enterprise Identity Lifecycle Management, and proficiency in Java, Spring Framework, Python, and Apache server are advantageous.

• Solid understanding of cybersecurity risks and controls for applications.

• Requires Daily Office Presence (3-5 days a week). No relocation assistance is provided.

Our Lead Cybersecurity, earns between$143,800.00-$215,800.00 USD Annual, Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

• ·Medical/Dental/Visioncoverage.

• 401(k) plan

• Tuition reimbursement program.

• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)

• Paid Parental Leave.

• Paid Caregiver Leave.

• Additional sick leave beyond what state and local law require may be available but is unprotected.

• Adoption Reimbursement.

• Disability Benefits (short term and long term)

• Life and Accidental Death Insurance.

• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal.

• Employee Assistance Programs (EAP)

• Extensive employee wellness programs.

• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Salary Range:

AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Key Roles and Responsibilities:

• Successfully plan, execute, monitor, control, and close all technical tasks related to configuration and support of all aspects of the ServiceNow platform, specifically to address security requirements and enhance our organization's security posture.

• Collaborate with stakeholders to gather and understand business requirements and translate them into technical specifications.

• Experience in designing and implementing ServiceNow IAM solutions, including automation of security processes.

• Develop and maintain ServiceNow workflows, forms, scripts, and integrations to automate security processes and improve efficiency.

• Provide support for software coding and customization including, but not limited to:

• user interfaces, workflow administration, report setup, data imports, integration, scripting, third party software integrations, and custom application development.

• Update and maintain a comprehensive testing suite to support out of the box (OOTB) as well as custom applications with the purpose of regression testing.

• Maintain interfaces for external integrations leveraging ServiceNow’s Integration Hub, REST and other standard integration protocols.

• Coordinate and solve complex technical data and transformation issues related to data ingestion and external integration

• -Obtain and analyze/interpret business requirements to create sustainable solutions in ServiceNow.

• Answer “how to” technical and application configuration questions.

• Conduct regular testing and troubleshooting of ServiceNow solutions to identify and resolve any issues or bugs.

• Stay up to date with the latest industry trends and best practices in development and proactively recommend improvements to enhance our security operations.

• Provide technical guidance and support to junior developers and team members.

• Partner and collaborate with international and diverse teams to ensure seamless day-to-day business operations, effective handovers, and foster a unified team culture.

Computer and Information Science, Computer Applications, Computer Engineering, Computer Programming, Computer Systems Analysis, Information Technology, Management Information Systems, Systems Engineering

Experience:

• Minimum of 8 years of experience as a ServiceNow Developer, with a focus on Identity and Access Management

• Strong background in ServiceNow development, and a passion for staying up to date with the latest industry trends

• Strong analytical and problem-solving skills, with the ability to troubleshoot and resolve technical issues.

Preferred Qualifications:

• Configure and customize ServiceNow modules specific to cybersecurity and IAM operations.

• Collaborate with cross-functional teams, including IT, Security, and Compliance, to ensure alignment and integration of security processes within the ServiceNow platform.

• Experience in developing and implementing ServiceNow integrations with other tools

• Ability to provide hands-on support and troubleshooting of the ServiceNow application, related integration, and overall platform

• Experience in configuring Workspace, Process Automation Designer, and Integrations

• Drive troubleshooting of issues identifying root cause and working with cross functional teams, or with the ServiceNow vendor as required to address issues in a timely manner

ServiceNow Certified System Administrator

Preferred / Nice to have:

• ServiceNow Certified Implementation Specialist (CIS) in Security Operations

• ITIL V3 foundation certification

• ServiceNow Certified Application Developer

• Solid understanding of Security and Infrastructure concepts

• Javascript

• Web Services

Our Lead Cybersecurity, earns between $143,800.00-$215,800.00 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Salary Range:

AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Job Description:

This position requires office presence a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

About The Job

The work will be a combination of technical, architectural, analytical, consultation, remediation, project management, and being an overall Encryption SME. Strong knowledge of Cloud environments (Microsoft Azure and AWS) is required.

What We're Looking For:

• Cryptography Enthusiast: Strong knowledge of encryption algorithms, secure protocols, and cryptographic libraries.
• Problem-Solving Skills: Ability to tackle complex security challenges with innovative solutions.
• Team Player: Strong collaboration & communication skills and the ability to work effectively in a diverse team environment.
• Continuous Learner: Eagerness to stay updated with the latest trends and advancements in cybersecurity and encryption.

The successful candidate will have a strong security background (5+ years of successful career advancement in Cyber Security), with an emphasis on Encryption and Digital Certificates in particular. Extensive knowledge of PKI (Public & Private) architecture, encryption technologies (e.g., data at rest, data in transit, structured & unstructured data encryption, TLS protocols, VPN, IPSec, etc.), Identity & Access Management (IDM), Key Management (KMS), and Secrets Management systems.

Desired Skills:

A demonstrated successful background in Security, showing strong knowledge of Security Fundamentals and a CISSP Certification.

Prior experience with Any of the following certifications would be a plus:

Microsoft Azure Fundamentals (AZ-900), Microsoft Azure Security Engineer Associate (AZ-500), Microsoft Azure Developer Associate (AZ-203), Microsoft Azure Solutions Architect Expert (AZ-305), AWS Certified Solutions Architect, AWS Certified Security Specialist, Azure Security Engineer Associate (AZ-500). Experience with KeyFactor EJBCA, KeyFactor CMD, Voltage SecureData, Thales data at rest encryption.

Bachelors degree in Information Systems, Engineering, or Cyber Security

Our Lead Cybersecurity, earns between$143,800.00-$215,800.00 USD Annual, Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

·Medical/Dental/Visioncoverage.

· 401(k) plan

· Tuition reimbursement program.

· Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)

· Paid Parental Leave.

· Paid Caregiver Leave.

· Additional sick leave beyond what state and local law require may be available but is unprotected.

· Adoption Reimbursement.

· Disability Benefits (short term and long term)

· Life and Accidental Death Insurance.

· Supplemental benefit programs: critical illness/accident hospital indemnity/group legal.

· Employee Assistance Programs (EAP)

· Extensive employee wellness programs.

· Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Salary Range:

AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Job Description: (Software Developer)

This career step requires senior level experienced developer with the skills listed below. Hands-on function that ultimately results in the delivery of an application or service.

Responsible for translating the core architecture for business requirements into the final technical solution (consisting of platform, network, software, cloud, etc.) through functional, performance, and reliability analysis using engineering models and techniques, primarily through software development throughout the vertical stack.

Responsibilities:

• As a Full Stack Developer, contribute to development of both Frontend (UI) and Backend (BFF) layers.

• Build Frontend with React JS, Next JS and Backend BFF (Backend for Frontend) layer with either REST / Node JS.

• Creating and supporting the development of responsive/adaptive web applications.

• Work closely with the UX/UI Designers to create high quality, innovative and intuitive user experiences in our products.

• Employ engineering techniques to build a high-performance pages, user, and browser friendly UI / Web solutions.

• Effectively use Git Hub Co-pilot across SDLC for pair programming, unit test cases, automation test cases and to write user stories in agile process, etc. to increase developer productivity

• Partner with Enterprise, Application Architecture teams and contribute to the detail design and architecture to enable secure, scalable, and maintainable software.

• Focus on scalability, security and availability of all applications and processes.

• Design, code, test, debug, and document new and existing components to ensure that software meets business, quality, and operational needs.

• Build high quality code following unit testing and test-driven and security driven development.

• Constantly improve website performance with help of application monitoring tools such as Dynatrace, Quantum Metrics, Splunk, etc.

• Work with team to troubleshoot code level problems quickly and efficiently.

• Apply deep technical expertise to resolve challenging programming and design problems.

Requirements:

• Bachelor’s or Master’s Degree program in Computer Science, Computer Engineering, or a related field (or equivalent experience).

• Extremely motivated, highly passionate, and curious about new technologies.

• Take pride in your work and strive to achieve incredible results and possess superb communication and planning skills.

• 5 to 7 years of proven experience building sophisticated applications and APIs in Cloud and hybrid cloud environments at large scale preferably in Java and React JS.

• Experience building applications using Azure.

• 3+ years of experience developing applications utilizing LDAP/ORACLE databases.

• 3+ years of experience in implementing caching techniques for a web application.

• Ability to work successfully with multi-functional teams, principals, and architects.

• Coordinates optimally across organizational boundaries and geographies.

• 5+ Experience with front-end frameworks like Angular or React.

• 3+ years of strong background of object-oriented design principles and design patterns.

• Expert knowledge and experience working with asynchronous message processing, stream processing and event driven computing.

• Comfortable working in a fast-paced, highly collaborative environment.

Java, React.js, Node.js, Next JS, GoLang, Micro Front-End architecture, Bootstrap.js, HTML5, XML, CSS3, JavaScript, REST services, Junit, JSON, YAML, Spring boot, Kafka/MQ, Splunk, Azure / AWS, Prometheus/Grafana, Git, Jira, Jenkins, Docker, Kubernetes, Unix

Our Lead Cybersecurity, earns between$143,800.00-$215,800.00 USD Annual,Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

·Medical/Dental/Visioncoverage.

· 401(k) plan

· Tuition reimbursement program.

· Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)

· Paid Parental Leave.

· Paid Caregiver Leave.

· Additional sick leave beyond what state and local law require may be available but is unprotected.

· Adoption Reimbursement.

· Disability Benefits (short term and long term)

· Life and Accidental Death Insurance.

· Supplemental benefit programs: critical illness/accident hospital indemnity/group legal.

· Employee Assistance Programs (EAP)

· Extensive employee wellness programs.

· Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Salary Range:

AT&T is a fair chance employer and does not initiate a background check until an offer is made.

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

The Principal Cybersecurity - Insider Threat Platforms will be responsible for leading the design, configuration, testing, debugging, deployment of Content and documentation of new and existing use cases and components to ensure that modeling meets Threat Analytics and Insider threat monitoring needs for both User and Entity Behavior Analytics (UEBA) and Deception Technology Platforms. This analyst will also be accountable for supporting CSO stakeholders in both existing and emerging cybersecurity projects using the Insider threat Platforms.

This individual must be highly organized and able to manage various stakeholder requests as they arise with strong multitasking skills and technical acumen. In addition, the principal level analyst must also be able to mentor team members in all areas of responsibility.

• Expert knowledge of monitoring, installing, maintaining and/or troubleshooting cybersecurity related issues associated with applications and/or infrastructure systems.
• Expert knowledge of machine learning, technological decoy building, cloud concepts and networking.
• Expert analytical capabilities to develop and tune UEBA and Deception Platform rules/policies as needed.
• Perform data analysis and/or software engineering tasks such as writing scripts, calling APIs, write SQL queries, data analytics etc.
• Supports CSO’s threat intelligence tools and platforms including UEBA and Deception.
• Function as a subject matter expert on CSO analyst platforms and tools.
• 5+ years of software development, engineering, or data analysis experience.
• Expert knowledge of Insider Threat concepts.
• Expert knowledge of threat intelligence and data analysis platforms such as UEBA and Deception.
• Soft skills: strong verbal and written communications, creativity, problem solving, self-awareness, collaboration, time management, emotional intelligence, leadership

Preferred Bachelors degree in Information Systems, Engineering, Mathematics or Cyber Security or equivalent experience.

Typically requires 8-10 years of experience. Technical Career Pathway (TCP) role.

Our Principal Cybersecurity earns between $158,200.00-$237,400.00 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Salary Range:

AT&T is a fair chance employer and does not initiate a background check until an offer is made.

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Your role within the Cyber Operations Red Team will be focused on building, contributing to and improving a robust Red Teaming program. This will require you to collaborate with management to set strategic goals for yourself and the program. You will need to possess in-depth knowledge of security gaps and vulnerabilities and use this knowledge to align team goals with overall organizational goals to reduce our security exposure. Your testing will go beyond the vulnerabilities identified by standard tools; you are expected to be creative and innovative in your approach and in the development of new or modified tools and techniques. You will work collaboratively with other Red Team members and Security Analysts to identify security issues, characterize the cyber-attack vectors, discover any related vulnerabilities, and provide recommendations for remediation of those issues. You will continually learn of new vulnerabilities and exploit techniques and will evolve your tools and methodology to adapt to changing situations.

This position will also require you to continually advance your technical skills to keep yourself positioned as a subject matter expert in many areas of threat hunting and red teaming. This work will require deep level knowledge in the area of exploits and vulnerabilities, scripting, and a strong understanding of networking and network Protocols. You are expected to learn advanced pen testing techniques using “off the shelf” and custom created security tools. The candidate will propose algorithms that solve threat-based use cases defined by their threat hunting and red teaming. You will be responsible for reporting findings in written and verbal form and will be used to inform management, notify affected customers, advise network operations, and advise network engineering on security issues as well as recommended remediation and solutions.

The Red Team Operator will:

• Perform formal and informal targeted “Hunts” to identify vulnerabilities in cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks and IoT (Internet of Things) devices and systems.
• Actively building, participating and leading Red Team exercises
• Design and create new/custom Red team tools and tests
• Employ tactics to uncover security holes (poor user security practices, weak methods and procedures, etc.)
• Determine methods that attackers could use to exploit weaknesses and logic flaws to mimic these techniques in targeted red team operations
• Research, document and discuss security findings with management, security teams and IT teams
• Provide feedback and verification as an organization fixes security issues
• Identify, review and recommend improvements for security services, system administration practices, and development/system integration methodology to improve the company’s cybersecurity posture

Required Skills & Experience:

• 7+ years of experience in penetration testing and red team operations
• Deep understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate.
• Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits.
• Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.)
• Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator
• Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, Java, C, C++, C#, Powershell, curl, Web application development (PHP, ASP.NET, etc.)
• Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment.
• Experience with Malware (including reverse engineering) and with internal and external attacks.
• Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles
• Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively work in teams of individuals with a variety of skills and backgrounds.
• Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials.
• Highly self-motivated requiring little direction.
• Demonstrates creative/out-of-the-box thinking and good problem-solving skills.
• Demonstrates strong ethical behavior.

Desired Skills & Experience:

• Strong knowledge of an enterprise architecture
• Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols.
• Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Understanding of cloud-based architectures and highly distributed big data architectures
• Understanding of mobile android and iOS environments and app development
• Experience with application security testing tools, such as the Metasploit framework and Burp Suite
• One or more of these certifications
  • CEH: Certified Ethical Hacker
  • CPT: Certified Penetration Tester
  • CEPT: Certified Expert Penetration Tester
  • GPEN: GIAC Certified Penetration Tester
  • OSCP: Offensive Security Certified Professional

• BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities, and requirements. Duties, responsibilities, and requirements may change over time and according to business needs.

Preferred Bachelors degree in Information Systems, Engineering, Mathematics or Cyber Security or equivalent experience.

Typically requires 8-10 years of experience. Technical Career Pathway (TCP) role.

Our Principal Cybersecurity earns between $158,200.00-$237,400.00 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Salary Range:

AT&T is a fair chance employer and does not initiate a background check until an offer is made.