Lead Cybersecurity

About The Position

Requirements

• Bachelor degree, or foreign equivalent degree, in Information Systems, Engineering, Cyber Security, or Electronic Engineering
• 5 years of progressive, post-baccalaureate experience in the job offered, or 5 years of progressive, post-baccalaureate experience in a related occupation
• Ethical hacking using both manual and automated TTPs
• Mentoring and leading team members
• Applying knowledge of cybersecurity principles including common attack vectors, security protocols, encryption techniques, and best practices
• Utilizing security tools and technologies including vulnerability scanners, network sniffers, penetration testing tools, OWASP ZAP, and packet analyzers
• Applying understanding of operating systems
• Applying knowledge with networking protocols, services, and infrastructure
• Writing scripts and automating tasks using languages including Python
• Applying knowledge of web application security concepts, common vulnerabilities, and techniques for testing web applications including manual testing and using automated scanners
• Applying understanding of secure coding practices, reviewing code for security flaws, and giving guidance to developers on writing secure code

Responsibilities

• Lead cybersecurity initiatives across products, services, infrastructure, networks, and applications.
• Partner with senior team members on projects aimed at safeguarding devices, data, IT assets, Software, and networks.
• Drive innovation through strategic planning, technical proof of concepts, testing, and lab work.
• Collaborate with and mentor team members by fostering a culture of continuous learning and improvement.
• Lead ideation, testing, and proof of concept for various cybersecurity projects.
• Conduct threat mapping, threat modeling, and analysis of hardware, software, and services to develop comprehensive cybersecurity test plans and TTPs.
• Lead ethical hacking efforts in non-production environments to identify and remediate security vulnerabilities early in the SDLC lifecycle.
• Stay on top of cutting-edge security industry standards and best practices to ensure our security measures are always up-to-date and effective.
• Prepare detailed reports documenting security test findings, vulnerabilities, and their impacts.
• Conduct risk assessments and provide actionable remediation recommendations.
• Ensure documentation is clear, accurate, and accessible to relevant stakeholders.
• Analyze various hardware and software solutions, by recommending purchases and modifications to meet our cybersecurity needs.
• Develop and implement policies and procedures to minimize network intrusions, malware events, and vulnerabilities for internal and external customers.
• Manage the cybersecurity vulnerability lifecycle, by working with development and other teams to report, track, and lead remediation efforts across the SDLC.
• Conduct forward-looking research and strategic planning to strengthen our defenses against future cybersecurity threats.
• Enhance mitigation techniques and technology solutions in areas such as Cyber Incident Response, cyber product testing, vulnerability reporting, cyber risk analysis, cyber research, cyber awareness and training, cyber vulnerability detection and assessment, cyber intelligence and investigation, cyber networks and systems engineering, cyber security application testing, cyber digital forensics, cyber software assurance, cyber application development and testing, cyber IoT planning and testing, and cyber policy and standards.
• Apply knowledge of cybersecurity principles including common attack vectors, security protocols, encryption techniques, and best practices.
• Utilize security tools and technologies including vulnerability scanners, network sniffers, penetration testing tools, OWASP ZAP, and packet analyzers.
• Apply understanding of operating systems.
• Apply knowledge with networking protocols, services, and infrastructure.
• Write scripts and automate tasks using languages including Python.
• Apply knowledge of web application security concepts, common vulnerabilities, and techniques for testing web applications including manual testing and using automated scanners.
• Apply understanding of secure coding practices, review code for security flaws, and give guidance to developers on writing secure code.

Benefits

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone