Senior Information System Security Engineer,
Pursue a career and your calling.
"The similarities between military and AT&T culture are centered around morals..."Chris S. — EVP, Technology Operations
"There are a lot of veterans here and it is a very supportive and positive environment just like the military. There is also a strong emphasis on ethics here similar to the military."
Help give our nation powerful possibilities.
What you can do in Government Solutions
Find out how you can keep our nation safe.
See how AT&T is connecting the United States government.
AT&T Global Public Sector is a trusted provider of secure, IP-enabled, cloud-based, network solutions and professional services to the . We are dedicated to recruiting, developing, and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values, and dedicated to our customers’ mission.
Our Cyber Security Team supports the customer by investigating, analyzing, and mitigating cybersecurity incidents that attempt to breach the Customer’s network infrastructure, applications, and operating systems.
AT&T has an opening for a Senior Information System Security Engineerto support the Moonshot contract.
The selected candidate for the ISSE role will support the customer by providing Cyber Security Architecture Analysis and Security Engineering Support. As the ISSE, the selected candidate will be called upon to perform the following tasks:
- Ensuring cyber security is baked into the design of new/existing operational environments
- Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
- Perform security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures to include: System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).
- Assist ISSMs/ISSOs in maintaining operational security posture to ensure information systems (IS), security policies, standards, and procedures are established and followed.
- Performs vulnerability/risk assessment analysis to support Assessment & Authorization (A&A)
- Ensure that system designs support the incorporation cyber security vulnerability solutions
- Provides configuration management (CM) expertise for information system security software, hardware, and firmware and leads Change Control Board (CCB) meetings.
- Coordinates with the Information System Security Analysts, and system administrators for control implementation and Plans of Actions and Milestones (POA&Ms) closeout requirements.
- Ensures systems designs support incorporation to customer continuous monitoring solutions (i.e., Vulnerability Alerts, Splunk, Enterprise Scanning, etc.)
- Required to become proficient on the Customer’s Assessment and Authorization tool to track and document the RMF steps.
- Identify, assess, and recommend cyber security products for use within an operational environment
- Provide subject matter expertise to the development of a common operational picture.
- Develop and implement security vulnerability assessments and penetration tests.
- Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels.
- Maintain operational security posture for an information system or program.
- Apply a full range of Cybersecurity policies, principles and techniques to maintain security integrity of information systems processing classified information.
- Conducting vulnerability scans and recognizing vulnerabilities in security systems
- Perform cyber defense trend analysis and reporting.
- Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk.
- Knowledge and understanding of cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
TS/SCI with poly (#ts/sci) (#polygraph)
- Candidate must have 10 years of experience that can be a combination of work history and education. This equates to:
- Doctorate and 3 years of experience; OR
- Masters and 4 years; OR
- Bachelors and 6 years; OR
- Associates and 8 years; OR
- HS and 10 years.
- Must have certifications to meet minimum requirements for DoD 8570 IAT Level 2 certification requirements; level 3 requirements are acceptable as well. Level II certifications must be obtained within six (6) months:
- Certified Network Defender (CND)
- COMPTIA Cybersecurity Analyst (CYSA+)
- COMPTIA Security+
- GIAC Security Essentials (GSEC)
- Global Industrial Cyber Security Professional (GICSP)
- Implementing and Administering Cisco Solutions (CCNA)
- Systems Security Certified Practitioner (SSCP)
- Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
- Ability to exercise judgment when policies are not well-defined.
- Knowledge of new and emerging IT and cybersecurity technologies.
- Effective communication skills (verbal and written) ensuring clear and effective communication with senior government leaders and technical peers.
- Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker.
- Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Ability to contribute in a dynamic high tempo operational environment.
- Ability to correlate operational concepts and apply appropriate security measures to mitigate threats or vulnerabilities.
- Applied knowledge of ServiceNow as well as other IA reporting tools
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of authentication, authorization, and access control methods.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting).
Ready to join our team? Apply Today!
Our Senior Information System Security Engineer’s earn between $98,100 - $160,000. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.
Joining our team comes with amazing perks and benefits:
- Medical/Dental/Vision coverage
- 401(k) plan
- Tuition reimbursement program
- Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
- Paid Parental Leave
- Paid Caregiver Leave
- Additional sick leave beyond what state and local law require may be available but is unprotected
- Adoption Reimbursement
- Disability Benefits (short term and long term)
- Life and Accidental Death Insurance
- Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
- Employee Assistance Programs (EAP)
- Extensive employee wellness programs
- Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone
Job ID 2309756 Date posted 03/14/2023
Invested in your satisfaction and continued success.
We take care of our own here (hint: that could be you). Our benefits and rewards mean we cover some of your biggest needs with some of the coolest offerings. We already think we’re a pretty great place to work. We’re just trying to rack up some bonus points.
Let’s start with the big one: Your work gets rewarded with competitive compensation and benefits. It really does pay to be on our team.
When it comes to priorities, we know family tops the list. For the moments that matter the most, you'll be there for them, and we'll be here for you.
The Hiring Process
Complete a quick application online and check your status often.
Virtual or in-person
Dress professionally and ensure good WiFi interviewing virtually.
After a background check, you're part of the team.
and Training Begins
Our training and certification programs set you up for success.
Do the right thing, no compromise.
Innovate and get there first.
In everything, every time.
Make a Difference
Impact your world.
Stand for Equality
Speak with your actions.
When customers & colleagues need you most.