Senior Security Professionals – GRC – Anywhere USA – Fortune 10

cisspJob Area: Information Security Consulting

Title: Senior Consultant

Experience: 5-8 yrs in Information security

Location: Anywhere in USA

Travel: (mostly in region – mix of onsite and remote )

AT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company). AT&T is looking for an

information security practitioner with technical experience for the position of a Senior Consultant

located in the continental US to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as secure network

architecture design, implementation, device configuration review, and secure architecture reviews.

AT&T Security Consulting clients range from some of the largest companies in the world to small

businesses requiring security consulting expertise.

Job Duties:

Key functions of this role will be to work on network security and architecture trusted advisor

engagements for our customers involving segmentation and optimization, DDoS mitigation, firewall

migration/optimization, detailed assessment and next-generation design recommendations. Manual

and automated configuration analysis for security weaknesses in firewalls, routers, switches, servers

(Windows, Unix/Linux), IDS/IDP, Databases, and other platforms as well as VoIP infrastructures will also

be required. Successful candidates will have demonstrated experience in network security consulting

and will have an understanding of network level risk assessments with the ability to write objective,

detailed reports explaining security issues. A background in Network Architecture and Engineering is

required. Technical knowledge and experience with configuration review tools such as Nessus, Nipper,

AlgoSec Firewall Analyzer, Tufin SecureTrack or NetBrain as well as Unix/Linux scripting (php, perl, shell,

etc.) will be given preference.


 Bachelors degree in Computer Science or related fields, Masters Degree preferred

 A minimum of four years of Information Security consulting with mid to advanced level

infrastructure security design experience required

 Very good understanding of security operations & management in a large customer environment

 Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems

 Knowledge of popular databases such as MSSQL, Oracle, and MySQL

 Knowledge of VoIP infrastructures

 Ability to write customized scripts using at least two of bash, Perl, PHP, Python preferred

 Must possess strong network device implementation/integration and troubleshooting skills

 Must be able to demonstrate in-depth expertise with multiple network device and firewall

platforms, including at least 3 of the following:

o Palo Alto

o Fortinet

o Cisco ASA

o Cisco IOS and NX-OS routers/switches

o Check Point

o Juniper Netscreen

o Juniper SRX

 Must be a flexible team player, hard-working, and posses excellent communication and customer-

facing skills

 Must be self-directed, able to manage solo projects or participate as part of a larger team

 Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

 Must be able to interact confidently with all levels of technical and management client teams

 One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

 Ability to travel 50%-75%, mostly within region, must possess drivers’ license

Technical Skills

 Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

 Strong technical problem / resolution skills required

 Knowledge and experience with technical network and host-based security required.

 Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

 Mid to advanced level systems administration (UNIX/Linux, Windows, or database)

 Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

 Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

o routing/switching, including BGP, OSPF,v2/3 RIPv2 & EIGRP

Additional Requirements

 Knowledge and experience with risk and compliance assessments

 SCADA / Control systems network experience a plus

 Bi-lingual candidates a plus

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: