Archive for the ‘ AT&T Security ’ Category

Senior Security Professionals – GRC – Anywhere USA – Fortune 10

cisspJob Area: Information Security Consulting

Title: Senior Consultant

Experience: 5-8 yrs in Information security

Location: Anywhere in USA

Travel: (mostly in region – mix of onsite and remote )

AT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company). AT&T is looking for an

information security practitioner with technical experience for the position of a Senior Consultant

located in the continental US to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as secure network

architecture design, implementation, device configuration review, and secure architecture reviews.

AT&T Security Consulting clients range from some of the largest companies in the world to small

businesses requiring security consulting expertise.

Job Duties:

Key functions of this role will be to work on network security and architecture trusted advisor

engagements for our customers involving segmentation and optimization, DDoS mitigation, firewall

migration/optimization, detailed assessment and next-generation design recommendations. Manual

and automated configuration analysis for security weaknesses in firewalls, routers, switches, servers

(Windows, Unix/Linux), IDS/IDP, Databases, and other platforms as well as VoIP infrastructures will also

be required. Successful candidates will have demonstrated experience in network security consulting

and will have an understanding of network level risk assessments with the ability to write objective,

detailed reports explaining security issues. A background in Network Architecture and Engineering is

required. Technical knowledge and experience with configuration review tools such as Nessus, Nipper,

AlgoSec Firewall Analyzer, Tufin SecureTrack or NetBrain as well as Unix/Linux scripting (php, perl, shell,

etc.) will be given preference.

Requirements:

 Bachelors degree in Computer Science or related fields, Masters Degree preferred

 A minimum of four years of Information Security consulting with mid to advanced level

infrastructure security design experience required

 Very good understanding of security operations & management in a large customer environment

 Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems

 Knowledge of popular databases such as MSSQL, Oracle, and MySQL

 Knowledge of VoIP infrastructures

 Ability to write customized scripts using at least two of bash, Perl, PHP, Python preferred

 Must possess strong network device implementation/integration and troubleshooting skills

 Must be able to demonstrate in-depth expertise with multiple network device and firewall

platforms, including at least 3 of the following:

o Palo Alto

o Fortinet

o Cisco ASA

o Cisco IOS and NX-OS routers/switches

o Check Point

o Juniper Netscreen

o Juniper SRX

 Must be a flexible team player, hard-working, and posses excellent communication and customer-

facing skills

 Must be self-directed, able to manage solo projects or participate as part of a larger team

 Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

 Must be able to interact confidently with all levels of technical and management client teams

 One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

 Ability to travel 50%-75%, mostly within region, must possess drivers’ license

Technical Skills

 Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

 Strong technical problem / resolution skills required

 Knowledge and experience with technical network and host-based security required.

 Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

 Mid to advanced level systems administration (UNIX/Linux, Windows, or database)

 Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

 Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

o routing/switching, including BGP, OSPF,v2/3 RIPv2 & EIGRP

Additional Requirements

 Knowledge and experience with risk and compliance assessments

 SCADA / Control systems network experience a plus

 Bi-lingual candidates a plus

Immediate Opportunities on our PCI Team – Must have active QSA – Anywhere USA

geek it

AT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company).

 

AT&T is looking for an information security practitioner with technical experience for the position of a Senior Consultant to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as network

penetration testing, device configuration review, and secure architecture reviews. AT&T Security

Consulting clients range from some of the largest companies in the world to small businesses requiring

security consulting expertise.

Job Duties:

Key functions of this role will be to work on security and privacy consulting engagements for our

customers. Successful candidates will have demonstrated experience in security consulting and will

have an understanding of the business-technology interface; they will be able to understand business

environments/issues and have the ability to link them to technology at a high level. Experience with

network penetration testing is required. Technical security knowledge and experience with compliance

assessments such as PCI-DSS and ISO 27002 will be given preference.

Requirements:

• Bachelors degree in Computer Science or related fields, Masters Degree preferred

• A minimum of four years of Information Security consulting experience required

• Very good understanding of security operation & management in a large customer environment

• Must be a flexible team player, hard-working, and posses excellent communication and customer-
facing skills

• Must be self-directed, able to manage solo projects or participate as part of a larger team

• Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

• Creativity in finding cost-effective remediation solutions acceptable to our clients

• Must be able to interact confidently with all levels of technical and management client teams

• One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

• Ability to travel, mostly within region, must possess drivers’ license

Technical Skills

• Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

• Strong technical problem / resolution skills required

• Knowledge and experience with technical network and host-based security required.

• Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

• Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

• Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net) preferred

• Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

• Mid to advanced level knowledge of Penetration testing (network, system and application) required

• Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

• Vendor certification or demonstrable in-depth technical expertise with at least three major security

solution

o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a

etc.

solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

• Knowledge and experience with risk and compliance assessments

• Familiar with retail information security challenges a plus

• Bi-lingual candidates a plus

100% Confidential

Seeking Active QSA’s immediately – Yes we ROC!

geek it

AT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company).

 

AT&T is looking for an information security practitioner with technical experience for the position of a Senior Consultant to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as network

penetration testing, device configuration review, and secure architecture reviews. AT&T Security

Consulting clients range from some of the largest companies in the world to small businesses requiring

security consulting expertise.

Job Duties:

Key functions of this role will be to work on security and privacy consulting engagements for our

customers. Successful candidates will have demonstrated experience in security consulting and will

have an understanding of the business-technology interface; they will be able to understand business

environments/issues and have the ability to link them to technology at a high level. Experience with

network penetration testing is required. Technical security knowledge and experience with compliance

assessments such as PCI-DSS and ISO 27002 will be given preference.

Requirements:

• Bachelors degree in Computer Science or related fields, Masters Degree preferred

• A minimum of four years of Information Security consulting experience required

• Very good understanding of security operation & management in a large customer environment

• Must be a flexible team player, hard-working, and posses excellent communication and customer-
facing skills

• Must be self-directed, able to manage solo projects or participate as part of a larger team

• Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

• Creativity in finding cost-effective remediation solutions acceptable to our clients

• Must be able to interact confidently with all levels of technical and management client teams

• One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

• Ability to travel, mostly within region, must possess drivers’ license

Technical Skills

• Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

• Strong technical problem / resolution skills required

• Knowledge and experience with technical network and host-based security required.

• Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

• Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

• Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net) preferred

• Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

• Mid to advanced level knowledge of Penetration testing (network, system and application) required

• Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

• Vendor certification or demonstrable in-depth technical expertise with at least three major security

solution

o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a

etc.

solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

• Knowledge and experience with risk and compliance assessments

• Familiar with retail information security challenges a plus

• Bi-lingual candidates a plus

App Sec – Senior Consultant – Anywhere USA

Roznos Enterprises LogoJob Area: Information Security Consulting

Title: Senior Consultant (Intermediate-level)

Experience: 3-6 yrs in Information security

Location: Eastern US

Travel:  ( Mix of onsite and remote )

 

Security Clearance: Beneficial, But Not Required

Job Description:

AT&T Consulting Solutions is a wholly owned subsidiary of AT&T (a Fortune Global Top 10 company).

AT&T is looking for a sharp penetration tester for the position of a Senior Consultant located anywhere

in the US to be a part of a dynamic team of experienced security professionals with varied experiences.

AT&T consulting clients range from some of the largest networks in the world to small businesses

requiring security consulting expertise.

Job Duties:

Perform network penetration tests for AT&T’s customers’ Internet-accessible and internal applications

and networks. A knowledge of wireless penetration testing and web application development security

strongly desired. Secure Code Review skills a great plus! The candidate should have a deep

understanding of TCP/IP, network discovery, DNS enumeration, vulnerability scanning, exploitation

methods and privilege escalation. The candidate should also have an excellent grasp of web application

exploitation and the OWASP list. The candidate must be able to write objective, detailed reports

explaining security issues.

Requirements:

 Bachelors degree or higher, Masters Degree preferred.

 Information Security experience of a minimum of three years

 Knowledge of Linux, UNIX, Windows and other operating systems

 Knowledge of popular databases such as MSSQL, Oracle, and MySQL

 Deep Knowledge of TCP/IP, network protocols, firewall evasion, ethical hacking, routing

protocols

 Experience in evading IDS/IPS, access control lists

 Experience with Nmap, Nessus/Qualys, Metasploit, Paros, Kismet, aircrack-ng, etc.

 Ability to write customized scripts using at least two of bash, Perl, Ruby, Python

 Knowledge of C/C++, Java, C#, etc would be beneficial

 Ability to travel 50%-75%, must possess drivers’ license

 Strong report writing skills and ability to explain complex security issues to customers

 Must be a flexible team player, hard-working, excellent communication and customer-facing

skills

 Security certifications such as CISSP, CEH, SANS GSEC, etc. preferred

 PCI DSS experience preferred

Technical Skills

 Strong technical problem / resolution skills

 Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

 Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

 Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net)

 Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

 Advanced level of methods and knowledge of three or more of the following:

o Vulnerability scanning

o Penetration testing (network, system and application)

o Application Security

o Code Review

o Forensics

o Security event monitoring

 Vendor certification or demonstrable in-depth technical expertise with at least three major security

solution

o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a

etc.

solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

 Knowledge and experience with risk and compliance assessments

 Bi-lingual candidates a plus

Information Security – Senior Consultant – Full time anywhere USA

Roznos Enterprises LogoJob Area: Information Security Consulting

Title: Senior Consultant (Intermediate-level)

Experience: 5-8 yrs in Information security

Location: Anywhere in US; preference given to Northeast US

Travel: (mostly in region – mix of onsite and remote )

 

 

AT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company). AT&T is looking for an

information security practitioner with technical experience for the position of a Senior Consultant

located in the continental US to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as secure network

architecture design, implementation, device configuration review, and secure architecture reviews.

AT&T Security Consulting clients range from some of the largest companies in the world to small

businesses requiring security consulting expertise.

Job Duties:

Key functions of this role will be to work on network security and architecture trusted advisor

engagements for our customers involving segmentation and optimization, DDoS mitigation, firewall

migration/optimization, detailed assessment and next-generation design recommendations. Manual

and automated configuration analysis for security weaknesses in firewalls, routers, switches, servers

(Windows, Unix/Linux), IDS/IDP, Databases, and other platforms as well as VoIP infrastructures will also

be required. Successful candidates will have demonstrated experience in network security consulting

and will have an understanding of network level risk assessments with the ability to write objective,

detailed reports explaining security issues. A background in Network Architecture and Engineering is

required. Technical knowledge and experience with configuration review tools such as Nessus, Nipper,

AlgoSec Firewall Analyzer, Tufin SecureTrack or NetBrain as well as Unix/Linux scripting (php, perl, shell,

etc.) will be given preference.

Requirements:

 Bachelors degree in Computer Science or related fields, Masters Degree preferred

 A minimum of four years of Information Security consulting with mid to advanced level

infrastructure security design experience required

 Very good understanding of security operations & management in a large customer environment

 Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems

 Knowledge of popular databases such as MSSQL, Oracle, and MySQL

 Knowledge of VoIP infrastructures

 Ability to write customized scripts using at least two of bash, Perl, PHP, Python preferred

 Must possess strong network device implementation/integration and troubleshooting skills

 Must be able to demonstrate in-depth expertise with multiple network device and firewall

platforms, including at least 3 of the following:

o Palo Alto

o Fortinet

o Cisco ASA

o Cisco IOS and NX-OS routers/switches

o Check Point

o Juniper Netscreen

o Juniper SRX

 Must be a flexible team player, hard-working, and posses excellent communication and customer-

facing skills

 Must be self-directed, able to manage solo projects or participate as part of a larger team

 Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

 Must be able to interact confidently with all levels of technical and management client teams

 One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

 Ability to travel 50%-75%, mostly within region, must possess drivers’ license

Technical Skills

 Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

 Strong technical problem / resolution skills required

 Knowledge and experience with technical network and host-based security required.

 Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

 Mid to advanced level systems administration (UNIX/Linux, Windows, or database)

 Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

 Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

o routing/switching, including BGP, OSPF,v2/3 RIPv2 & EIGRP

Additional Requirements

 Knowledge and experience with risk and compliance assessments

 SCADA / Control systems network experience a plus

 Bi-lingual candidates a plus

Application Security Senior Consultant – Anywhere USA – Full time

Roznos Enterprises LogoThe Application Security Practice of AT&T Consulting Solutions is looking for qualified persons to join its

team of world-class security professionals. This position will be focused on providing guidance around

application security considerations to our portfolio of Fortune 500 clients, conducting security

assessments of applications hosted and deployed on a wide range of platforms and languages, and work

with the practice leadership to keep abreast of developments in the application security space from

both a technical and a policy/process/procedure/compliance perspective.

Key job responsibilities will include:

 Perform application security reviews, penetration tests, and code-level reviews

 Consult with application owners on application vulnerabilities and security best practices

 Follow standard methodologies and develop new and innovative processes.

 Focus on results and work within tight timelines.

 Demonstrated ability to learn and apply critical thinking to a variety of situations.

Required Qualifications

 3-5 years of experience conducting web application security reviews

 Expertise in web application vulnerabilities and security best practices

 Knowledge of network and application design, support and development

 Experience with the following Web Assessment tools: BURP Suite PRO, APP Scan, and other

tools as needed.

 BS in CS, Engineering, Information Systems or equivalent.

 Experience performing penetration testing at the network layer

 Experience performing secure code reviews on common languages and experience with tools

such as Fortify 360 or AppScan Source Edition

 Understanding of web application protocols (HTML, HTTP, XML, etc.)

 In depth understanding of SDLC models and approaches

 Experience coding with C/C++, Java, .NET or other programming and scripting languages

 Excellent communication (written and oral) and interpersonal skills

 Strong organizational, multi-tasking, and time-management skills

 Ability to travel

Additional Qualifications

 Active security clearance a big plus

 Application development experience a plus

 Mobile application security experience a plus

 Consulting experience is a plus

 CISSP or other security certifications

 Governance, regulatory or controls experience

 Understanding of software development methodologies such as waterfall, Rational Unified

Process and Agile software development

 Understanding of information security and available security tools and technologies

 

New England – PCI active QSA – Full time – We ROC

NewEnglandflagAT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company). AT&T is looking for

an information security practitioner with technical experience for the position of a Senior Consultant

located in the western US to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as network

penetration testing, device configuration review, and secure architecture reviews. AT&T Security

Consulting clients range from some of the largest companies in the world to small businesses requiring

security consulting expertise.

Job Duties:

Key functions of this role will be to work on security and privacy consulting engagements for our

customers. Successful candidates will have demonstrated experience in security consulting and will

have an understanding of the business-technology interface; they will be able to understand business

environments/issues and have the ability to link them to technology at a high level. Experience with

network penetration testing is required. Technical security knowledge and experience with compliance

assessments such as PCI-DSS and ISO 27002 will be given preference.

Requirements:

• Bachelors degree in Computer Science or related fields, Masters Degree preferred

• A minimum of four years of Information Security consulting experience required

• Very good understanding of security operation & management in a large customer environment

• Must be a flexible team player, hard-working, and posses excellent communication and customer-
facing skills

• Must be self-directed, able to manage solo projects or participate as part of a larger team

• Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

• Creativity in finding cost-effective remediation solutions acceptable to our clients

• Must be able to interact confidently with all levels of technical and management client teams

• One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

• Ability to travel, mostly within region, must possess drivers’ license

Technical Skills

• Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

• Strong technical problem / resolution skills required

• Knowledge and experience with technical network and host-based security required.

• Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

• Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

• Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net) preferred

• Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

• Mid to advanced level knowledge of Penetration testing (network, system and application) required

• Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

• Vendor certification or demonstrable in-depth technical expertise with at least three major security

solution

o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a

etc.

solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

• Knowledge and experience with risk and compliance assessments

• Familiar with retail information security challenges a plus

• Bi-lingual candidates a plus