Sign In
 [New User? Sign Up]
Mobile Version

Cybersecurity Consultant 2 - Vulnerability Threat Management

AT&T


Location:
Austin, TX
Date:
01/17/2018
2018-01-172018-02-15
Job Code:
att4-6550336
Categories:
  • IT Engineer
  • Application Developer
  • Developer
  •  
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

Company AT&T

Job Title Cybersecurity Consultant 2 - Vulnerability Threat Management

Jobid att4-6550336

Location: Austin, TX, 78769, USA

Description AT&T
is looking for a sharp penetration tester for the position of Cybersecurity
Consultant to be a part of a dynamic team of
experienced security professionals with varied experiences. AT&T consulting
clients range from some of the largest networks in the world to small
businesses requiring security consulting expertise.



**Job Duties:**



Perform network and application
layer penetration tests for AT&T’s customers’ Internet-accessible and
internal applications and networks. A knowledge of wireless penetration testing
and web application development security strongly desired. Incident Response
and Forensic skills a plus. The candidate should have a deep understanding of
TCP/IP, network discovery, DNS enumeration, vulnerability scanning,
exploitation methods and privilege escalation. The candidate should also have
an excellent grasp of web application exploitation and the OWASP list.
The candidate must be able to write objective, detailed reports
explaining security issues.



**Requirements:**



+ Certified ethical hacker credential or equivalent

+ Actively performing pen tests for a minimum of3-5 years

+ Qualys experience for vunerability scan and web applications vunerability scan

+ Ability to pass Criminal Justice System background check

+ Information Security experience of a minimum of threeyears

+ Knowledge of Linux, UNIX, Windows and other operatingsystems

+ Knowledge of popular databases such as MSSQL, Oracle,and MySQL

+ Deep Knowledge of TCP/IP, network protocols, firewallevasion, ethical hacking, routing protocols

+ Experience in evading IDS/IPS, access control lists

+ Experience with Nmap, Nessus/Qualys, Metasploit, Paros,Kismet, aircrack-ng, etc.

+ Ability to write customized scripts using at least twoof bash, Perl, Ruby, Python

+ Knowledge of C/C++, Java, C#, Python or similar wouldbe beneficial

+ Ability to travel 25%

+ Strong report writing skills and ability to explaincomplex security issues to customers

+ Must be a flexible team player, hard-working, excellentcommunication and customer-facing skills

+ Security certifications such as CISSP, CEH, SANS GSEC,etc. preferred

+ Other industry certifications relating to IT securityand program management preferred (GIAC, CEH, TNCP, ITILv2 PMP, etc...)

+ PCI DSS experience preferred



**Technical Skills**



+ Strong technical problem / resolution skills

+ Mid to advanced level infrastructure or security designcapabilities for environments that include 10 to 20 security devices,processes or applications.

+ Mid to advanced level systems administration(UNIX/Linux, Windows, or mainframe)

+ Knowledge with different application architectures andplatforms, their development challenges, their control configurations, andtheir inherent security strengths and weaknesses (e.g., ColdFusion, J2EE,.Net)

+ Mid to advanced level network administration(firewalls, IDS/IPS, network architecture)

+ Experience with web application penetration testingtools preferred, such as Burp Suite Pro, IBM AppScan, HP WebInspect, etc.

+ Advanced level of methods and knowledge of three ormore of the following:



+ Vulnerability scanning

+ Penetration testing (network, system and application)

+ Application Security

+ Code Review

+ Forensics and Incident Response

+ Security event monitoring



+ Vendor certification or demonstrable in-depth technicalexpertise with at least three major security solution



+ Examples Only: Symantec, McAfee, VeriSign, Juniper,Checkpoint, Cisco, Arcsite, Tripwire, etc.

+ Demonstrable experience includes being able to gathercustomer requirements, design a solution, specify a build of materials,implement, tune/optimize, maintain or troubleshoot at an architecturecomponent level for an existing solution



**Additional Requirements**



+ Bi-lingual candidates a plus

+ Incident Response and Forensic experience a strong plus

+ Ability to work independently and also collaboratingclosely with application developers, engineers and others.

+ Effective written, oral communication skills, andinterpersonal communication skills.

+ Strong communications skills to be able to interactwith technical and non-technical colleagues.

+ Knowledge of the latest security threats, techniquesand exploits targeting vulnerabilities

+ Strong familiarity with multiple operating systems,databases, applications and platforms.

+ Understanding of SQL, XSS, CSRF and other trends in webexploitation

+ Working understanding of HTML and common webapplications

+ Thorough understanding of computer networking and theOSI model

+ Cyber-threat research, reporting anddevelopment/implementation of vulnerability mitigation strategies a plus

+ Programming experience is a plus

+ Calculate and assess risk based on threats,vulnerabilities, and mitigating factors.

+ Knowledge of exploit development is a plus.

+ Demonstrated knowledge and experience evaluating ITprocess areas, such as logical and physical access, program development,change management, IT operations etc.

+ Strong task management skills and ability tomulti-task.

+ Detail oriented and analytical.



At AT&T, we’re bringing it all together. We deliver advanced mobile services, next-generation TV, high-speed internet and smart solutions for people and businesses. That’s why we’re investing to be the premier integrated communications company.

Powered ByLogo

Featured Employers

Featured Jobs