Lead Cybersecurity Engineer - Web Application Firewall

Job Description:

About the Company:

At AT&T, we’re connecting the world through the latest tech, top-of-the-line communications and the best in entertainment. Our groundbreaking digital solutions provide intuitive and integrated experiences for millions of customers across online, retail and care channels. Join our mission to deliver compelling communication and entertainment experiences to customers around the world as we continue to evolve as a technology-powered, human-centered organization. As part of our team, you’ll transform the way we deliver a seamless customer experience with digital at the center of all you do. In our world, digital is much larger than just an eCommerce channel, we are transforming all channels to digitally perform as one team to create a better customer experience. As we move into 2024, the digital transformation will revolutionize the digital space and you can build a career that will propel your future.

About the Role:

This career step requires senior level experience. Responsible for cyber security areas across products, services, infrastructure, networks, and/or applications while providing protection for AT&T, our customers and our vendors/partners. Works with senior team members on various projects relating to the protection of devices, customers, assets, data, information technology, and networks. Supports innovation, strategic planning, technical proof of concepts, testing, lab work, and various other technical program management related tasks associated with the cyber security programs.

The Lead Engineer in this role will have expertise in holistic enterprise Web Application Firewall (WAF) policy management, architecture, configuration, management, troubleshooting, optimization, governance, risk assessment and automation.

Roles & Responsibilities include:

• Perform Enterprise Web Application Firewall (WAF) policy management, architecture, configuration, management, troubleshooting, optimization, governance, risk assessment and automation
• Perform Proxy policy operations and provide required support.
• End to End life cycle of Web Application Firewalls (F5, Akamai, Barracuda, Cloud)
• Proxy SWATs and Call to Work – US off hours
• Perform migration of unprotected applications
• Perform API security (Akamai/NoName) related operations & tasks

Required/Desired Skills

• Over 12 years of experience in Cybersecurity engineering with experience configuring, operating and managing forward and reverse proxies.
• Extensive experience providing SME level support in large, highly dynamic enterprise environment.
• Engineering, administrative, and operational experience supporting F5, Barracuda, Forcepoint, Secure Service Edge, Cloud Proxy and Cloud WAF platforms
• Understanding and practical experience with web applications, web platforms, application firewalls, frameworks and protocols with respect to application development, deployment, and operation including tuning of policies and signatures.
• Strong understanding of TCP/IP, web protocols and networking concepts
• Expertise with mainstream operating systems, web services, programming languages, regular expressions, analyzing log files, packet captures, network devices and attack vectors
• Script writing and programming using common shell and mainstream languages
• Senior level understanding of PKI Technology
• Experience exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks
• Understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
• Lead, support and mentor team members on technical and non-technical matters as required

Cyber Defense and Incident Response:

• Solid understanding of Incident Response process
• Prior experience in Cybersecurity operations and Incident Response
• Working level understanding of Cybersecurity operations and processes

Desirable Skills:

• Excellent communication skills including metrics/performance documentation/presentation, technical drawing/architecture origination and modification
• Operates well under pressure and urgent circumstances
• Self-reliant and diligent in follow-through for assigned tasks
• Ability to work with a geographically disperse team
• Engaged collaborator, contributor and team player
• CISSP, CISM, SANS GIAC, GWEB or relevant cybersecurity
• Flexible to provide coverage in US morning hours on a need-basis, and as required
• Experience working in an environment where coordination with multiple teams is essential to success
• Ability to prioritize individual/group work in a high-stress and time-bound environment

Weekly Hours:

40

Time Type:

Regular

Location:

Bangalore, Karnataka, India

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.