Cybersecurity Engineer

• Posted 15 days ago • Updated 59 minutes ago

Full Time

On-site

Fitment

Dice Job Match Score™

📋 Comparing job requirements...

Job Details

Skills

Accountability
IT Program Management
Ideation
Mapping
Threat Modeling
Test Plans
Security QA
Computer Hardware
Managed Services
Policies and Procedures
Intrusion Detection
Malware Analysis
Software Development Methodology
Product QA
Reporting
Strategic Analysis
Systems Engineering
Quality Assurance
Digital Forensics
Forensics
Application Development
IoT
Risk Assessment
Auditing
Research
Algorithms
Dashboard
Collaboration
Workflow
Training
Incident Management
Disaster Recovery
Innovation
Testing
Strategic Planning
Computer Science
Information Technology
ISO 9000
Java
Splunk
Palo Alto
CISSP
Cloud Security
Machine Learning (ML)
Artificial Intelligence
White Hat
Team Leadership
Mentorship
Encryption
Nessus
Openvas
Penetration Testing
Metasploit
POSTMAN
SoapUI
Internet
IO
Operating Systems
Microsoft Windows
Linux
Unix
System Administration
Computer Networking
TCP/IP
Dragon NaturallySpeaking
DNS
DHCP
Firewall
Routers
Python
Windows PowerShell
Bash
Customization
Critical Thinking
Analytical Skill
Attention To Detail
Vulnerability Assessment
Cyber Security
Web Application Security
Web Testing
Manual Testing
Burp Suite
OWASP
Writing
Network
Forms
Security Controls
SQL
Scripting
Authentication
Management
Business Operations
Finance
Communication
Documentation
Problem Solving
Conflict Resolution
Oracle Linux

Summary

Cybersecurity Role (Job Description)
Overview

The Cybersecurity Engineer plays a key role in maintaining transparency, strengthening accountability measures, and enhancing advanced threat-defense mechanisms within the organization's security infrastructure.
Location: Dallas / Atlanta

Role Type: Full Time

Seniority: Expert

Key Responsibilities

Cybersecurity in CQE non-production SDLC environments across products, services, infrastructure, networks, and/or applications while providing protection for AT&T, our customers and our vendors/partners.
Works with senior team members on various projects relating to the protection of devices, customers, assets, data, information technology, and networks. Supports innovation, strategic planning, technical proof of concepts, testing, lab work, and various other technical program management related tasks associated with the cyber security programs.
Collaborate with and mentor team members
Ideation, testing, proof of concept and support for various cyber related projects
Threat mapping, threat modeling and analysis of hardware, software and services for the purpose of developing cybersecurity test plans and TTPs
Lead ethical Hacking in non-prod environments to identify security vulnerabilities
Prepare comprehensive reports documenting security test findings, vulnerabilities, assess impact of vulnerabilities, conduct risk rating and make vulnerability remediation recommendations
Ensure that documentation is clear, accurate, and accessible to relevant stakeholder
Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit AT&T's cyber security needs and that of our managed services teams
Develops policies and procedures to minimize network intrusion, malware events and vulnerability issues for internal and external customers.
Manages cybersecurity vulnerability lifecycle. Works with development and other teams as needed to report, track and lead remediation of cybersecurity vulnerabilities across the SDLC
Develops remediation measures to block malicious code and applications. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and enhance our mitigation techniques and technology solutions. Areas of work include, but are not limited to: Cyber Incident Response, cyber product testing, vulnerability reporting, cyber risk & strategic analysis, cyber research, cyber awareness & training, cyber vulnerability detection & assessment, cyber intelligence & investigation, cyber networks & systems engineering, cyber security application testing, cyber digital forensics & forensics analysis, cyber software assurance, cyber application development & testing, cyber IoT planning & testing, cyber policy & requirements & standard.

Perform risk assessments, vulnerability scans, and security audits to identify and mitigate threats.

Monitor and analyze security logs and incidents, responding to breaches and emerging threats.

Research, detect, and analyze threat scenarios, designing detection algorithms and dashboards.

Collaborate with cross-functional teams to remediate system, network, and application vulnerabilities.

Develop micro-playbooks, alarms, and SOAR workflows for automated threat response.

Conduct security training and awareness programs for internal teams.

Maintain documentation of security policies, procedures, and guidelines.

Participate in incident response and disaster recovery efforts.

Support innovation, testing, proof-of-concept projects, and strategic planning for improved defenses.
Qualifications

Bachelor's degree in Computer Science, Information Technology, or related field.

3+ years of cybersecurity experience, often with emphasis on network or cloud security.

Strong knowledge of NIST and ISO security standards.

Proficiency with Python, SQL, Java, Splunk, Kusto, CRIBL, Palo Alto XSIAM.

CISSP or similar certification preferred.

Experience with cloud security, machine learning, or AI-based detection (preferred).
Skills

Senior level ethical hacking expertise: Strong enterprise experience in ethical hacking using manual and automated TTPs
Team leadership and mentoring: Mentoring team members
Understanding of Security Concepts: A strong foundation in cybersecurity principles, including knowledge of common attack vectors, security protocols, encryption techniques, and security best practices
Technical Proficiency: Proficiency in using various security tools and technologies such as vulnerability scanners (e.g., Nessus, OpenVAS), network sniffers, penetration testing tools (e.g., Metasploit), OWASP ZAP, Burpsuite, and packet analyzers. Other tools include Postman, Kali Linux, SoapUI, Playwright, and internet based references such as JWT.io.
Operating System Knowledge: Understanding of various operating systems (e.g., Windows, Linux, Unix) and their vulnerabilities, as well as experience with system administration tasks
Networking Knowledge: Familiarity with networking protocols, services, and infrastructure components (e.g., TCP/IP, DNS, DHCP, firewalls, routers) to understand potential vulnerabilities in networked environments
Programming and Scripting Skills: Ability to write scripts and automate tasks using languages like Python, PowerShell, or Bash, which is crucial for customizing security tools, analyzing data, and developing exploits
Critical Thinking and Problem-Solving: Strong analytical skills to assess complex systems, identify vulnerabilities, and propose effective solutions to mitigate risks
Attention to Detail: Thoroughness and attention to detail are essential for conducting comprehensive vulnerability assessments and ensuring no potential weaknesses are overlooked
Communication Skills: Ability to effectively communicate technical information to both technical and non-technical stakeholders, including writing clear and concise vulnerability assessment reports and providing recommendations for remediation
Continuous Learning: Cybersecurity is a rapidly evolving field, so a willingness to continuously learn and stay updated on the latest security trends, tools, and techniques is crucial for success in this role
Web Application Security: Knowledge of web application security concepts, common vulnerabilities (e.g., OWASP Top 10), and techniques for testing web applications, including manual testing and using automated scanners like Burp Suite or OWASP ZAP
Secure Development Practices: Understanding secure coding practices, the ability to review code for security flaws, and give guidance to developers on writing secure code
Understanding of Vulnerability Concepts:
1. Definition of Vulnerability: A vulnerability is a weakness or flaw in a system, network, application, or process that could be exploited by threat actors to compromise the confidentiality, integrity, or availability of data or resources
2. Vulnerability Classification: Vulnerabilities can manifest in various forms, including software bugs, misconfigurations, design flaws, human errors, and inadequate security controls. Common types of vulnerabilities include buffer overflows, SQL injection, cross-site scripting (XSS), authentication bypass, and insecure direct object references
3. Common Vulnerability Scoring System (CVSS): CVSS is a standardized framework for assessing the severity and impact of vulnerabilities. It provides a numerical score based on factors such as exploitability, impact, and remediation level to help prioritize and manage vulnerabilities effectively
4. Zero-Day Vulnerabilities: Zero-day vulnerabilities are vulnerabilities that are actively exploited by threat actors before a patch or mitigation is available from the vendor. These vulnerabilities pose a significant risk because organizations have no advance notice or protection against them
5. Business Impact: Evaluating the potential consequences of disruptions to critical business operations, helping organizations understand the financial, operational, and reputational impacts of such events
6. Exploitability: Evaluating the feasibility and potential impact of exploiting vulnerabilities within systems or applications, aiding in determining the level of risk posed by these vulnerabilities and guiding prioritization of mitigation efforts

Strong communication and documentation skills.
Ability to work in a fast-paced, cross-functional environment.
Problem-solving aptitude and ability to learn new technologies quickly

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: RTL155990
Position Id: 59505faf96dfce7e70369443bca58fa9
Posted 15 days ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

California

•

Today

Our Mission At Palo Alto Networks , we're united by a shared mission-to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you're ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you're in the right place. Who We Are In order to be the cybersecurity partner of choice, w

Full-time

USD 126,000.00 - 204,500.00 per year

Azure Web Application Firewall & Cyber Security Tools Engineer

Remote

•

Today

Azure Web Application Firewall & Cyber Security Tools Engineer 100% remote 1 year contract We still need support on this role. As a reminder, the manager is looking for an Azure WAF Expert with Terraform (70%) and knowledge of security tools (30%). Notes from the intake call: 12-month contract.Fully remote allowed.70% Azure Web Application Firewall expert.IaaC Terraform experience needed. Should be able to configure the firewall with Terraform.The client currently has one policy per domain. The

Easy Apply

Contract

Depends on Experience

Sr. Security Engineer.

Atlanta, Georgia

•

Today

Every year, nearly 200 million travelers trust our client to get them where they're going. Take your career to new heights by working for this longstanding leader in air travel that services more worldwide destinations than any other airline. We are looking for a Sr Security Engineer to join our team for a contract, hybrid in Atlanta, GA. This is a 12+ month contract with the potential to extend. Eligible for full benefits. Responsibilities: Responsible for the design, testing, evaluation, imp

Easy Apply

Contract

$57.32 - $62.32

Principal K8 Platform Engineer

No location provided

•

Today

Overview Ask Sage (BigBearAI Company) is the leading Generative AI platform that augments the velocity of government and commercial teams with dozens of use cases from coding to cybersecurity to acquisition to data analysis and much more. Our FedRAMP High and DoD IL5 accredited cutting-edge technology enables teams to focus on strategic initiatives while we take care of the heavy lifting. We are seeking a highly skilled and experienced Principal Kubernetes Platform Engineer.This critical role i

Full-time

Search all similar jobs

Cybersecurity Engineer

Dice Job Match Score™

Job Details

Skills

Summary

Similar Jobs