Job description

Requirements

  • Entry level
  • No Education
  • Salary to negotiate
  • Washington, D.C.

Description

Overall
Purpose: This career step requires senior level experience. Responsible for
review and analysis of security requirements, works with senior team members to
develop integrated plans to protect corporate assets and information
technology, and administers security systems to support daily security
operations. 


Key
Roles and Responsibilities: Includes researching, recommending, documenting,
and coordinating implementation of changes to policies, procedures, facilities,
and systems to enhance security as well as developing and delivering corporate
security awareness training for users and technical security training for
system administrators. Facilitates compliance with company security policies,
practices and legal requirements. May provide support to non-management
employees, including coaching, on-the-job and formal training, reference
materials, procedures and system documentation. Provides information to
management regarding the negative impact on the business caused by theft,
destruction, alteration or denial of access to information. May interface with
other stakeholders including vendors, application development and technical
support staff, and clients. May provide inventory and asset management
resources to security operation, including administrative supplies, security
specific resources such as SecurID cards or cryptographic key management, and
specialized security software.


The candidate will work as a member of the AT&T Chief Security
Office, Threat Analytics Expansion Program, as a data threat analyst, on a
project that analyzes event data for security relevant events using a variety
of network-data processing platforms. The candidate will work in a
collaborative manner with other analysts to identify, characterize, provide
recommendations for remediation, and define analytical methods to automate the
analysis. The candidate will perform ad-hoc analytical processing on a variety
of network data feeds, system processed data derivatives (metadata), automated
system alerts, and open source information. This will require collaboration
with other analysts, as well as collaboration with outside organizations. The
analyst will require knowledge in some of the newest areas of security
including Cloud technology, Big Data environments, Mobility, and Advanced
Persistent Threats. Some aspects of the analysis may require use of deep packet
inspection packet analysis.  The candidate will be responsible for
reporting findings in written and verbal form.  Results of analysis will
be used to inform management, notify affected customers, advise network operations,
and advise network engineering on security issues as well as recommended
remediation and solutions.  The candidate will also work with researchers
to help define algorithms for automation of ad-hoc analysis methods and will
work with the analysis platform engineering and development team to help define
automated processing reports and alerts for automation of ad-hoc processes.

Required
Skills:Deep Understanding of
Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices,
security mechanisms and how they operate.

- Deep Understanding of network security threats including APT, botnets,
Distributed Denial of Service (DDoS) attacks, worms, and network exploits.

- Vast Experience with network probing/testing/analysis tools (Nessus, nmap,
burp, wireshark, etc.)

- Technical knowledge of Windows, UNIX and Linux operating systems as both an
user and system administrator

- Programming skills that will be used to construct, modify, and execute
testing tools including shell(ksh, bash), [g]awk, Python, PERL, regex, .NET
Programming, Java, C, C++, C#, Powershell, curl, Web application development
(PHP, ASP.NET, etc.)

- Industry Knowledge of software security testing principles, practices, and
tools, experience of vulnerability assessments in a complex environment.

- Experience with Malware (including reverse engineering) and with internal and
external attacks.

- Experience or familiarity with vulnerability analysis, computer forensics
tools, cryptography principles

- Excellent team work skills for collaboration on analysis techniques,
implementation, and reporting.  Must be able to work both independently as
well as effectively work in teams of individuals with a variety of skills and
backgrounds.

- Excellent written and verbal communication skills, and have demonstrated
ability to present material to senior officials.

- Highly self-motivated requiring little direction.

- Demonstrates creative/out-of-the-box thinking and good problem solving
skills.

- Demonstrates strong ethical behavior.


Desired Skills:

- Experience with database management software (Oracle, MongoDB, MySQL, DB2,
etc.)

- Ability to obtain a strong and ongoing understanding of the technical details
involved in current APT threats and exploits involving various operating
systems, applications and networking protocols.

- Knowledge of tactics, techniques, and procedures associated with malicious
insider activity, organized crime/fraud groups and both state and non-state
sponsored threat actors.

- Understanding of cloud-based architectures and highly distributed big data
architectures

- Understanding of mobile android and iOS environments and app development

- Experience with application security testing tools, such as Qualys Web App
Security, IBM AppScan, HP WebInspect, HP Fortify, Metasploit framework

- Knowledge of security frameworks (ISO 27001/27002, NIST, HIPPA, SOX, etc.)

Job
Contribution: Senior level technical expertise. Deep technical knowledge and
subject matter expert on ATT technologies.


Education:
Bachelors of Science degree in the field of Computers, Engineering, or
Mathematics preferred.


Experience: Typically requires 5- 8 years experience.
Technical Career Pathway (TCP) role.


Supervisory:
No.


Environmental
Requirements: This position may be responsible for contributing to AT&T's
compliance with environmental laws and regulations as applicable to its job
function. This may include, but is not limited to, work related to fuel tanks,
emergency and stand-by generators, boilers, hazardous waste, hazardous
materials, batteries, manholes and vaults, water wells, linear and other
construction projects, water discharge, or air emissions.


Principal Functional Skills / Competencies associated with this Title:

- Business Orientation
- Cloud Computing
- Encryption Technologies
- Endpoint Security
- Finance and Accounting
- Identity and Access Management
- Information Security Architecture
- Information Security Management
- Investigative Information Security Technologies
- IT Service Continuity Management
- Network and Internet Security
- Process Management
- Project Management
- Quality Management
- Risk Assessment
- Risk Management
- Software Security Assurance
- Solutions Development
- Technical Excellence
- Technology Advising

Note: Additional skills / competencies may be added to this specific requisition. During the application process, you will be asked to provide your proficiency and experience with all the skills / competencies associated with the requisition.
Click here to view this job description in Career Intelligence.


 Job Code - 49090208

  • .net
  • c++
  • java
  • perl
  • php

About the company

AT&T Inc. is an American multinational telecommunications corporation, headquartered at Whitacre Tower in downtown Dallas, Texas.[4] AT&T is the second largest provider of mobile telephone and the largest provider of fixed telephone[5] in the United States, and also provides broadband subscription television services. AT&T is the third-largest company in Texas (the largest non-oil company, behind only ExxonMobil and ConocoPhillips, and also the largest Dallas company).[6] As of May 2014, AT&T is the 23rd-largest company in the world as measured by a composite of revenues, profits, assets and market value,[7] and the 16th-largest non-oil company.[8] As of 2015, it is also the 20th-largest mobile telecom operator in the world, with over 123.9 million mobile customers