Expoint - all jobs in one place


ATT Principal Cybersecurity - Red Team Operator 
United States, North Carolina, Charlotte 
344643978

17.04.2025

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Your role within the Cyber Operations Red Team will be focused on building, contributing to and improving a robust Red Teaming program. This will require you to collaborate with management to set strategic goals for yourself and the program. You will need to possess in-depth knowledge of security gaps and vulnerabilities and use this knowledge to align team goals with overall organizational goals to reduce our security exposure. Your testing will go beyond the vulnerabilities identified by standard tools; you are expected to be creative and innovative in your approach and in the development of new or modified tools and techniques. You will work collaboratively with other Red Team members and Security Analysts to identify security issues, characterize the cyber-attack vectors, discover any related vulnerabilities, and provide recommendations for remediation of those issues. You will continually learn of new vulnerabilities and exploit techniques and will evolve your tools and methodology to adapt to changing situations.

This position will also require you to continually advance your technical skills to keep yourself positioned as a subject matter expert in many areas of threat hunting and red teaming. This work will require deep knowledge of exploits and vulnerabilities, scripting, and a strong understanding of networking and network protocols. You are expected to learn advanced pen testing techniques using “off the shelf” and custom created security tools. The candidate will propose algorithms that solve threat-based use cases defined by their threat hunting and red teaming. You will be responsible for reporting findings in written and verbal form; these findings will be used to inform management, notify affected customers, advise network operations, and advise network engineering on security issues as well as recommended remediation and solutions.

The Red Team Operator will:

  • Perform formal and informal targeted “Hunts” to identify vulnerabilities in cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks and IoT (Internet of Things) devices and systems.
  • Actively build, participate in and lead Red Team exercises
  • Design and create new/custom Red Team tools and tests
  • Employ tactics to uncover security holes (poor user security practices, weak methods and procedures, etc.)
  • Determine methods that attackers could use to exploit weaknesses and logic flaws to mimic these techniques in targeted red team operations
  • Research, document and discuss security findings with management, security teams and IT teams
  • Provide feedback and verification as an organization fixes security issues
  • Identify, review and recommend improvements for security services, system administration practices, and development/system integration methodology to improve the company’s cybersecurity posture

Required Skills & Experience:

  • 7+ years of experience in penetration testing and red team operations
  • Deep understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate.
  • Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits.
  • Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.)
  • Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator
  • Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, Perl, regex, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.)
  • Comprehensive knowledge of software security testing principles, practices, and tools; experience with vulnerability assessments in a complex environment.
  • Experience with Malware (including reverse engineering) and with internal and external attacks.
  • Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles
  • Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively work in teams of individuals with a variety of skills and backgrounds.
  • Excellent written and verbal communication skills and demonstrated ability to present material to senior officials.
  • Highly self-motivated requiring little direction.
  • Demonstrates creative/out-of-the-box thinking and good problem-solving skills.
  • Demonstrates strong ethical behavior.

Desired Skills & Experience:

  • Strong knowledge of an enterprise architecture
  • Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols.
  • Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Understanding of cloud-based architectures and highly distributed big data architectures
  • Understanding of mobile Android and iOS environments and app development
  • Experience with application security testing tools, such as the Metasploit framework and Burp Suite
  • One or more of these certifications
    • CEH: Certified Ethical Hacker
    • CPT: Certified Penetration Tester
    • CEPT: Certified Expert Penetration Tester
    • GPEN: GIAC Certified Penetration Tester
    • OSCP: Offensive Security Certified Professional
  • BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities, and requirements. Duties, responsibilities, and requirements may change over time and according to business needs.

Preferred: Bachelor's degree in Information Systems, Engineering, Mathematics or Cyber Security, or equivalent experience.

Typically requires 8-10 years of experience. Technical Career Pathway (TCP) role.

Our Principal Cybersecurity earns between $158,200.00-$237,400.00 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

  • Medical/Dental/Vision coverage
  • 401(k) plan
  • Tuition reimbursement program
  • Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
  • Paid Parental Leave
  • Paid Caregiver Leave
  • Additional sick leave beyond what state and local law require may be available but is unprotected.
  • Adoption Reimbursement
  • Disability Benefits (short term and long term)
  • Life and Accidental Death Insurance
  • Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
  • Employee Assistance Programs (EAP)
  • Extensive employee wellness programs
  • Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

USA:NJ:Bedminster / Us Hwy 206 - Adm:1405 Us Hwy 206


Salary Range:

$141,300.00 - $237,400.00

AT&T is a fair chance employer and does not initiate a background check until an offer is made.

04/14/2025