Security Classification Assessor Test Engineer IV (Government)
Pursue a career and your calling.
"The similarities between military and AT&T culture are centered around morals..."Chris S. — EVP, Technology Operations
"There are a lot of veterans here and it is a very supportive and positive environment just like the military. There is also a strong emphasis on ethics here similar to the military."
Help give our nation powerful possibilities.
What you can do in Government Solutions
Find out how you can keep our nation safe.
See how AT&T is connecting the United States government.
AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the . We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers’ mission
Our National Security Team supports the intelligence community, providing, operating and assuring critical voice, video and collaboration services for the full spectrum of operations. The services required by this contract will assist OS&CI in providing the NRO a secure mission environment. The contractor shall provide realistic, innovative information security solutions to accomplish the requirements in addition to program management. The services obtained under this contract shall provide expertise to support information systems security, security control assessments, information assurance engineering, and security control assessments test engineering.
AT&T has an opening for an Security Classification Assessor Test Engineer (SCATE 4) to support the Defense and Nat Security Cyber Security.
The job duties of the SCATE 4 are as follows:
- As a senior member of a Red Team
- Lead in the design and execution of adversarial based security testing of various targets.
- Evaluating environments, applications, systems or processes to discover weaknesses, and subsequently leverage those discoveries into actionable real-world attack strategies.
- Provide leadership and guidance to advance the operational capabilities of the team and its subsequent ability to evaluate risk to the enterprise
- Demonstrate an ability to structure a Red Team and optimize it for execution, including programmatic improvements to fill in gaps with the existing team.
- Perform and lead a full scope of Red Team testing; including network penetration, web application testing, threat analysis, wireless network assessments, social-engineering testing, and IDS/IPS/Antivirus evasion techniques.
- Utilize knowledge of operating systems, networking protocols, firewalls, databases, firmware, middleware, applications, forensic analysis, scripting, and programming to perform adversarial based security engagements.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Mentor and lead junior technical operators and clearly translate highly technical information to senior management in a way that supports mission goals.
- Help define the Red Team strategy to further enhance the organization’s security posture.
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Provide risk-appropriate and pragmatic recommendations to correct vulnerabilities found.
- Configure and safely utilize attacker tools, tactics, and procedures to improve the security posture of mission systems.
- Develop scripts, tools, or methodologies to enhance the Red Team processes
TS/SCI with poly (#ts/sci) (#polygraph)
- Experience in network penetration testing and manipulation of network infrastructure.
- Experience in shell scripting or automation of simple tasks using Perl, Python, or Ruby.
- Experience developing, extending, or modifying exploits, shellcode or exploit tools.
- Experience with Red, Blue, or Purple teaming exercises.
- Working knowledge of exfiltration and lateral movement tradecraft.
- Working knowledge of OSINT collection/ reconnaissance techniques for target selection.
- Strong attention to detail with analytical and problem-solving skills.
- Knowledge of tools used for web application and network security testing, such as Kali Linux, Metasploit, Burp suite, Cobalt Strike, Bloodhound, Powershell Empire, Nessus, Web Inspect, NMAP, Nikto, Sqlmap, etc.
- Bachelor’s Degree AND 15 Years’ Experience OR
- Master’s Degree AND 10 Years’ Experience
Must meet minimum requirements for DoD 8570 IAT Level III to include ONE of the following:
- CASP+ CE
- CCNP Security
- CISSP (or Associate)
- A degree in a technical field (Computer Science, IT Engineering, etc).
- Solid understanding of common hosting environments such as containerization platforms (e.g., Docker and Kubernetes) and virtual machines running under hypervisors.
- Experience with source code review for control flow and security flaws.
- An implementation level familiarity with all common classes of modern exploitation such as: XSS, XMLi, SQLi, Deserialization Attacks, etc.
- Thorough understanding of network protocols, data on the wire, and covert channels.
- Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell.
- Experience in mobile and/or web application assessments.
- Experience in email, phone, or physical social-engineering assessments.
- Programming skills as well as the ability to read and assess applications written in multiple languages, such as JAVA, .NET, C#, or others.
- Emulate ransomware and advanced persistent threats (APT) in support of Threat Hunt.
- Industry certifications such as OSCP/OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN.
Ready to join our team? Apply Today!
Our Security Classification Assessor Test Engineer IV earn between $89,200-$200,000 yearly. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.
Joining our team comes with amazing perks and benefits:
- Medical/Dental/Vision coverage
- 401(k) plan
- Tuition reimbursement program
- Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
- Paid Parental Leave
- Paid Caregiver Leave
- Additional sick leave beyond what state and local law require may be available but is unprotected
- Adoption Reimbursement
- Disability Benefits (short term and long term)
- Life and Accidental Death Insurance
- Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
- Employee Assistance Programs (EAP)
- Extensive employee wellness programs
- Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone
Job ID 2230635 Date posted 06/14/2022
Invested in your satisfaction and continued success.
We take care of our own here (hint: that could be you). Our benefits and rewards mean we cover some of your biggest needs with some of the coolest offerings. We already think we’re a pretty great place to work. We’re just trying to rack up some bonus points.
Let’s start with the big one: Your work gets rewarded with competitive compensation and benefits. It really does pay to be on our team.
When it comes to priorities, we know family tops the list. For the moments that matter the most, you'll be there for them, and we'll be here for you.
The Hiring Process
Complete a quick application online and check your status often.
Virtual or in-person
Dress professionally and ensure good WiFi interviewing virtually.
After a background check, you're part of the team.
and Training Begins
Our training and certification programs set you up for success.
Do the right thing, no compromise.
Innovate and get there first.
In everything, every time.
Make a Difference
Impact your world.
Stand for Equality
Speak with your actions.
When customers & colleagues need you most.