This position serves as a key role in the AT&T CSO mobility threat management program, the position will be required to help define and establish new threat management strategies, processes, procedures, and assist with the selection and procurement of required tools and systems.
Mobile computing technology presents a new breed of security threats that require highly skilled mobility professionals to identify and address new risks to AT&T and its mobile customers. The primary focus of this position will be to proactively reduce impact of mobile security threats by utilizing new informative venues, ecosystems, tools, and processes unique to the mobile industry to manage threats from identification to final disposition. The PTS will establish new relationships with mobile device OEMs, software companies, developers, business partners, and the security research community to enrich AT&T’s mobile threat information sources, and will assist AT&T teams to remedy mobile vulnerabilities that impact AT&T and its mobile customers.
The PTS must be an experienced professional in the area of mobile security and will be required to utilize their expertise in a variety of mobility-related areas including technology, operating systems, applications, protocols, 2G/3G/4G network elements and support systems, and security solutions/methodologies to address a wide range of threats to AT&T’s mobile environments.
As a member of the AT&T Chief Security Office, the PTS will provide expert level mobility threat management functions consisting of:
25% - Research and Monitoring Information Sources
35% - Threat Analysis and Planning
20% - Support Notification and Remediation Activities
20% - Program Management, Process Improvement, Task Automation, and Administrative Activities
In addition, the PTS will contribute toward the organization’s strong drive in the area of technology innovation through the generation of patentable ideas.
Principal Responsibilities:
25% - Research and Monitoring Information Sources
The PTS will be required to perform extensive research of mobile threats leveraging traditional and unique sources such as web blogs, news feeds, use groups, and be cognizant of the work of security researchers and new mobile security trends. The PTS will need to monitor information feeds from AT&T systems and non-AT&T threat management services, and may provide ideas to streamline existing processes. The PTS will stay abreast of new information sources, and may recommend new methodologies and approaches. The research and monitoring efforts will be used to identify potential mobile security threats, which the PTS will document for analysis.
35% - Threat Analysis and Planning
The PTS will be responsible for analyzing potential threats and must be able to communicate associated risks to the business in an effective manner. The PTS will work with cross functional teams including third parties to gather additional detail, analyze, validate, and prioritize threat information. Based on this work, the PTS will document findings in the form of threat statements, summaries, and reports. The PTS will also provide recommendations to mitigate associated vulnerabilities. At times, the PTS will need to make critical decisions in a timely manner, in addition to performing more routine planning efforts. The PTS must leverage their technical experience with mobile technologies and apply this skill set to expert threat analysis and remediation planning.
In addition to technical expertise, the PTS will be required to learn AT&T’s strategic products and services and apply this knowledge to mitigate threats targeting the business aspects of AT&T such as financial impact, brand recognition, and customer experience.
20% - Support Notification and Remediation Activities
The PTS will support notification teams by reviewing documented notices for technical accuracy before information is disseminated within AT&T and to its customers. The PTS will participate in exercises with various organizations such as corporate communication and public relation teams to provide technical verbiage for documents that AT&T provides to non-AT&T entities. The PTS will occasionally engage in alerting processes, status updates, and meetings in support of threat management notification functions. The PTS will provide technical leadership representing the AT&T Chief Security Office in briefings, technical presentations and updates to management teams.
The PTS will support remediation teams by providing mobile technical expertise and assistance with remediation planning, instruction, and creation of test plans. The PTS will provide mobility expertise to incident response efforts associated with exploits against AT&T’s products and services. These duties require the PTS to have extensive knowledge and posses expert technical skills with respect to mobile security technologies/solutions.
20% - Program Management, Process Improvement, Task Automation, and Administrative Activities
Using an innovative mindset, the PTS will contribute creative ideas to advance AT&T’s mobility threat management program, and must be capable of leading cross functional teams towards completion of security deliverables. The PTS may also be responsible for leading business cases, including management of capital and expense budgets, associated with the implementation of security solutions. The PTS may provide ideas to streamline information flows and automate processes, and may be called upon to assist with the procurement of resources to fulfill improvements. The PTS will monitor issues and unresolved threats, and may assist teams with compliance tracking to ensure remediation tactics are successfully deployed.
The candidate must be flexible, able to work across a diverse and highly technical organization and able to effectively communicate with a broad range of audiences. The candidate must present a strong technical acumen and solid verbal, written, and organizational skills.
Environmental Requirements
This position may be responsible for contributing to AT&Ts compliance with environmental laws and regulations as applicable to its job function. This may include, but is not limited to, work related to fuel tanks, emergency and stand-by generators, boilers, hazardous waste, hazardous materials, batteries, manholes and vaults, water wells, linear and other construction projects, water discharge, or air emissions.
At AT&T, our Chief Technology Office (CTO) is the embodiment of innovation. We’re responsible for developing, designing, planning and building AT&T’s wireless and wired networks, including the nation’s fastest 3G, 4G and LTE wireless networks, our groundbreaking U-verse network and one of the world’s largest and most advanced IP backbone networks. Just as importantly, our team conducts industry-leading research and development for network technologies as well as the applications that take advantage of connectivity.
