Principal - Technology Security

Overall Purpose:
Responsible for review and analysis of security requirements, works with senior team members to develop integrated plans to protect corporate assets and information technology, and administers security systems to support daily security operations.

Key Roles and Responsibilities:
Includes researching, recommending, documenting, and coordinating implementation of changes to policies, procedures, facilities, and systems to enhance security as well as developing and delivering corporate security awareness training for users and technical security training for system administrators. Facilitates compliance with company security policies, practices and legal requirements. May provide support to non-management employees, including coaching, on-the-job and formal training, reference materials, procedures and system documentation. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information. May interface with other stakeholders including vendors, application development and technical support staff, and clients. May provide inventory and asset management resources to security operation, including administrative supplies, security specific resources such as SecurID cards or cryptographic key management, and specialized security software.

The candidate will work as a member of the AT&T Chief Security Office Global Response Team, as a threat analyst, on a project that analyzes event data for security relevant events using a variety of network-data processing platforms. Position will have a strong focus on the Enterprise network. The candidate will work in a collaborative manner with other analysts to identify, characterize, provide recommendations for remediation, and define analytical methods to automate the analysis.

The candidate will perform ad-hoc analytical processing on a variety of network data feeds, system processed data derivatives (metadata), automated system alerts, and open source information. This will require collaboration with other analysts, as well as collaboration with outside organizations. The analyst will require knowledge in some of the newest areas of security including Cloud technology, Big Data environments, Mobility, and Advanced Persistent Threats. Some aspects of the analysis may require use of deep packet inspection packet analysis. The candidate will be responsible for reporting findings in written and verbal form. Results of analysis will be used to inform management, notify affected customers, advise network operations, and advise network engineering on security issues as well as recommended remediation and solutions. The candidate will also work with researchers to help define algorithms for automation of ad-hoc analysis methods and will work with the analysis platform engineering and development team to help define automated processing reports and alerts for automation of ad-hoc processes.

Required Skills:
Understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols and how they operate.
Understanding of the analytical techniques needed to successfully work in the latest networking environments (Cloud, Big Data, Mobility).
Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits.
Analytical skills for working with large volumes of data including data reduction, aggregation. This includes working in a Big Data environment.
Packet analysis using tools such as Wireshark, NetWitness, and/or Niksun.
Programming skills in a Unix processing environment that will be used to help manipulate data for analysis including shell (ksh, bash), gawk, Python, C, regex, Snort, MySQL, AT&T Daytona Data Base Management System (DBMS)/Cymbal.
Understanding of statistical and aggregation methods to derive meaningful and accurate analysis results.
Excellent written and verbal communications skills.
Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting.

Desired Skills:
Strong knowledge of an enterprise architecture
Experience with database management software (Oracle, MongoDB, MySQL, DB2, etc.)
Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols.
Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
Understanding of cloud-based architectures and highly distributed big data architectures
Experience with application security testing tools, such as Qualys Web App Security, IBM AppScan, HP WebInspect, HP Fortify, Metasploit framework
Knowledge of security frameworks (ISO 27001/27002, NIST, HIPAA, SOX, etc.)
One or more of these certifications:
CEH: Certified Ethical Hacker
CPT: Certified Penetration Tester
CEPT: Certified Expert Penetration Tester
GPEN: GIAC Certified Penetration Tester
OSCP: Offensive Security Certified Professional
Possession of a United States government security clearance desired (if no security clearance currently held, the candidate must be willing and able to apply for a security clearance)

Job Contribution: Expert level technical professional. Advisor on technical knowledge and AT&T technologies.

Education: Bachelor of Science degree in the field of Computers, Engineering, or Mathematics preferred.

Experience: Typically has 5-8 years of relevant experience. Technical Career Pathway (TCP) role.

Supervisory: No.

Environmental Requirements: This position may be responsible for contributing to AT&T's compliance with environmental laws and regulations as applicable to its job function. This may include, but is not limited to, work related to fuel tanks, emergency and stand-by generators, boilers, hazardous waste, hazardous materials, batteries, manholes and vaults, water wells, linear and other construction projects, water discharge, or air emissions.

Principal Functional Skills / Competencies associated with this Title:
Business Orientation, Cloud Computing, Encryption Technologies, Endpoint Security, Finance and Accounting, Identity and Access Management, Information Security Architecture, Information Security Management, Investigative Information Security Technologies, IT Service Continuity Management, Network and Internet Security, Process Management, Project Management, Quality Management, Risk Assessment, Risk Management, Software Security Assurance, Solutions Development, Technical Excellence, Technology Advising

Job ID 1843960-1
Salary Range: NA
Minimum Qualification
5 - 7 years
