Job Overview Job Description: Join AT&T and reimagine the communications and technologies that connect the world. Our Consumer Technology experience team is delivering innovative and reliable technology solutions to power differentiated, simplified customer experiences. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won't just imagine the future-you'll create it.
The Principal Cybersecurity Threat Hunter will work with the Cyber Security Hunt Team to engage in targeted security testing to uncover vulnerabilities in networks, systems and applications. The testing will go beyond the vulnerabilities identified by standard tools; the candidate is expected to be creative and innovative in their approach and in the development of new or modified tools and techniques.
The Principal Cybersecurity Threat Hunter will: Perform formal and informal targeted "Hunts" to identify vulnerabilities in cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks and IoT (Internet of Things) devices and systems.
Design and create new/custom hunting tools and tests.
Employ tactics to uncover security holes (poor user security practices, weak methods, and procedures, etc.)
Determine methods that attackers could use to exploit weaknesses and logic flaws and identify counter-measures to thwart attacks.
Research, document and discuss security findings with management, security teams and IT teams.
Provide feedback and verification as an organization fixes security issues.
Identify, review, and recommend improvements for security services, system administration practices, and development/system integration methodology to improve the company's cybersecurity posture.
Qualifications Requires Daily Office Presence (3-5 days a week) at one of the listed locations.
Preferred Bachelor's degree in Information Systems, Engineering, Mathematics or Cyber Security or equivalent experience.
Requires 8-10 years of related experience.
Deep understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits.
Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.)
Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator
Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.)
Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment.
Experience with Malware (including reverse engineering) and with internal and external attacks.
Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles.
Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively work in teams of individuals with a variety of skills and backgrounds.
Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials.
Highly self-motivated requiring little direction.
Demonstrates creative/out-of-the-box thinking and good problem-solving skills.
Desired Skills & Experience: Strong knowledge of an enterprise architecture
Experience with database management software (Oracle, MongoDB, MySQL, DB2, etc.)
Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications, and networking protocols.
Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
Understanding of cloud-based architectures and highly distributed big data architectures
Understanding of mobile android and iOS environments and app development
Experience with application security testing tools, such as Qualys Web App Security, IBM AppScan, HP WebInspect, HP Fortify, Metasploit framework.
Knowledge of security frameworks (ISO 27001/27002, NIST, HIPPA, SOX, etc.)
One or more of these certifications
CEH : Certified Ethical Hacker
CPT : Certified Penetration Tester
CEPT : Certified Expert Penetration Tester
GPEN : GIAC Certified Penetration Tester
OSCP : Offensive Security Certified Profession
Our Principal-Cybersecurity employees earn between $158,200 - $237,400. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.
Joining our team comes with amazing perks and benefits: Medical/Dental/Vision coverage
401(k) plan
Tuition reimbursement program
Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
Paid Parental Leave
Paid Caregiver Leave
Additional sick leave beyond what state and local law require may be available but is unprotected.
Adoption Reimbursement
Disability Benefits (short term and long term)
Life and Accidental Death Insurance
Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
Employee Assistance Programs (EAP)
Extensive employee wellness programs
Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone
Weekly Hours:
40 Time Type:
Regular Location:
Bedminster, New Jersey Salary Range:
$141,300.00 - $237,400.00 It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.
Job ID R-15902-3 Date posted 04.26.2024
