New England – PCI active QSA – Full time – We ROC

NewEnglandflagAT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company). AT&T is looking for

an information security practitioner with technical experience for the position of a Senior Consultant

located in the western US to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as network

penetration testing, device configuration review, and secure architecture reviews. AT&T Security

Consulting clients range from some of the largest companies in the world to small businesses requiring

security consulting expertise.

Job Duties:

Key functions of this role will be to work on security and privacy consulting engagements for our

customers. Successful candidates will have demonstrated experience in security consulting and will

have an understanding of the business-technology interface; they will be able to understand business

environments/issues and have the ability to link them to technology at a high level. Experience with

network penetration testing is required. Technical security knowledge and experience with compliance

assessments such as PCI-DSS and ISO 27002 will be given preference.


• Bachelors degree in Computer Science or related fields, Masters Degree preferred

• A minimum of four years of Information Security consulting experience required

• Very good understanding of security operation & management in a large customer environment

• Must be a flexible team player, hard-working, and posses excellent communication and customer-
facing skills

• Must be self-directed, able to manage solo projects or participate as part of a larger team

• Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

• Creativity in finding cost-effective remediation solutions acceptable to our clients

• Must be able to interact confidently with all levels of technical and management client teams

• One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

• Ability to travel, mostly within region, must possess drivers’ license

Technical Skills

• Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

• Strong technical problem / resolution skills required

• Knowledge and experience with technical network and host-based security required.

• Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

• Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

• Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net) preferred

• Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

• Mid to advanced level knowledge of Penetration testing (network, system and application) required

• Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

• Vendor certification or demonstrable in-depth technical expertise with at least three major security


o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a


solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

• Knowledge and experience with risk and compliance assessments

• Familiar with retail information security challenges a plus

• Bi-lingual candidates a plus

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: