Principal Cybersecurity - Attack Surface Management Application Detective

Principal Cybersecurity - Attack Surface Management Application Detective page is loaded

Apply remote type Office Worker (NOT Remote) locations Charlotte, North Carolina time type Full time posted on Posted 2 Days Ago time left to apply End Date: June 30, 2025 (4 days left to apply) job requisition id R-71103

Job Description:

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

Job Summary: The Principal Cybersecurity Attack Surface Management Application Detective will be responsible for the effective discovery, attribution, and documentation of AT&T’s application attack surface. This role requires, a strong understanding of attack surfaces, and the ability to develop and implement robust security strategies. The ideal candidate will have extensive experience in inventory management, application/web application security best practices, and a proactive approach to threat detection and response.

Key Responsibilities:

• Conduct thorough assessments of application/web application attack surfaces and identify areas of risk using various tools.
• Develop and enforce security policies, standards, and best practices for attack surface management.
• Monitor and analyze data from attack surface management tools to detect and respond to security incidents.
• Monitor and analyze data from various Web Application Firewall solutions to ensure all applications/web applications are properly protected.
• Stay current with the latest trends, threats, and technologies in application/web application attack surface management.
• Conduct training and awareness programs on attack surface management for network and security teams.
• Prepare and present detailed reports on attack surface management posture and incident response activities.
• Work with AI technologies, including training Large Language Models (LLM) and utilizing Retrieval-Augmented Generation (RAG).

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A master's degree is preferred.
• Minimum of 7-10 years of experience in cybersecurity, with a focus on attack surface management and tool operations.
• Expert knowledge of TCP/IP and network routing, ISP or large enterprise Internet connectivity.
• Strong knowledge of attack surface management tools, including Xpanse, Censys, and others such as:
  • Xpanse and Censys: For identifying devices and services exposed to the internet.
  • Armis: For digital footprint and attack surface analysis.
  • Tenable: For continuous monitoring and vulnerability management.
  • F5/Barracuda/Akami WAF platforms: For ensuring appropriate coverage and monitoring of application network controls.
• Proven experience in identifying and mitigating attack surface risks and vulnerabilities.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work effectively in a collaborative, fast-paced environment.
• Relevant certifications such as CISSP, CEH, or equivalent are highly desirable.
• Proficiency in network monitoring tools (Wireshark, Netflow, sFlow).

Desired Skills:

• Experience with web applications and web application firewalls.
• Understanding of web application/site APIs, i.e. REST method.
• Experience with AI technologies (LLM, RAG).

Education:

Preferred Bachelors degree in Information Systems, Engineering, Mathematics or Cyber Security or equivalent experience.

Experience:

Typically requires 8-10 years experience. Technical Career Pathway (TCP) role.

Supervisory:

No.

Our Principal Cybersecurity earns between $141,300-$211,900 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

#LI-Onsite – Full-time office role-

AT&T is leading the way to the future – for customers, businesses, and the industry. We're developing new technologies to make it easier for our customers to stay connected to their world. Together, we’ve built a premier integrated communications and entertainment company and an amazing place to work and grow. Team up with industry innovators every time you walk into work, creating the world you always imagined. Ready to #transformdigital with us?

Apply now!

Weekly Hours:

40

Time Type:

Regular

Location:

Charlotte, North Carolina

Salary Range:

$141,300.00 - $211,900.00

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

remote type Office Worker (NOT Remote) locations 2 Locations time type Full time posted on Posted 9 Days Ago time left to apply End Date: June 30, 2025 (4 days left to apply)remote type Office Worker (NOT Remote) locations Charlotte, North Carolina time type Full time posted on Posted 2 Days Ago time left to apply End Date: June 30, 2025 (4 days left to apply)remote type Office Worker (NOT Remote) locations Charlotte, North Carolina time type Full time posted on Posted 5 Days Ago time left to apply End Date: June 27, 2025 (1 day left to apply)

We are pioneers of making connections and have been ever since Alexander Graham Bell invented the telephone and founded our company. That was nearly 150 years ago, and we haven’t stopped innovating since. At our core, we help bring families, communities, and businesses together with the products and services they need to thrive every day. From the widespread and growing availability of 5G and Fiber to working on things we once only dreamed of—at AT&T, we create connections that change the world.