Principal Cybersecurity Attack Surface Mgmt - API Detective

Job Description:

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T you wont just imagine the future-youll create it.

Job Summary: The Attach Surface Management SME will play a critical role in identifying managing and mitigating risks associated with API technologies. This position requires deep expertise in API security a strong understanding of attack surfaces and the ability to develop and implement robust security strategies. The ideal candidate will have extensive experience in API management security best practices and a proactive approach to threat detection and response.

Key Responsibilities:

• Lead the development and implementation of API security strategies to protect against potential threats and vulnerabilities.
• Conduct thorough assessments of API attack surfaces and identify areas of risk.
• Discovery identification and attribution of APIs across multiple attack surfaces.
• Collaborate with development teams to ensure secure API design and implementation.
• Develop and enforce security policies standards and best practices for API management.
• Monitor and analyze API traffic to detect and respond to security incidents.
• Provide expert guidance on API security to internal and external stakeholders.
• Stay current with the latest trends threats and technologies in API security.
• Conduct training and awareness programs on API security for development and operations teams.
• Prepare and present detailed reports on API security posture and incident response activities.
• Work with AI technologies including training Large Language Models (LLM) and utilizing Retrieval-Augmented Generation (RAG).

Qualifications:

• Bachelors degree in Computer Science Information Technology Cybersecurity or a related field. A masters degree is preferred.
• Minimum of 8 years of experience in cybersecurity with a focus on API security and management.
• Strong knowledge of API security frameworks standards and best practices (e.g. OAuth OpenID Connect JWT).
• Proven experience in identifying and mitigating API security risks and vulnerabilities.
• Excellent analytical problem-solving and communication skills.
• Ability to work effectively in a collaborative fast-paced environment.
• Relevant certifications such as CISSP CEH or equivalent are highly desirable.
• Experience with OWASP Web Security Testing methods
• Experience working with Web Application Firewalls
• Development experience in Python JavaScript Bash Scripting C/C/C# or GO desired.
• Experience with network scanning tools (Tenable Nmap Qualys Rapid7).

Supervisory:

No.

Our Principal Cybersecurity earns between $141300-$211900 USD Annual not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography experience expertise and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories AT&T internet (and fiber where available) and AT&T phone.

#LI-Onsite Full-time office role-

AT&T is leading the way to the future for customers businesses and the industry. Were developing new technologies to make it easier for our customers to stay connected to their world. Together weve built a premier integrated communications and entertainment company and an amazing place to work and grow. Team up with industry innovators every time you walk into work creating the world you always imagined. Ready to #transformdigital with us

Apply now!

Weekly Hours:

Time Type:

Location:

Salary Range:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age color national origin citizenship status physical or mental disability race religion creed gender sex sexual orientation gender identity and/or expression genetic information marital status status with regard to public assistance veteran status or any other characteristic protected by federal state or local law. In addition AT&T will provide reasonable accommodations for qualified individuals with disabilities.AT&T is a fair chance employer and does not initiate a background check until an offer is made.