Perform network penetration tests for AT&T’s customers’ Internet-accessible and internal networks. A knowledge of wireless penetration testing and web application security strongly desired. The candidate should have a deep understanding of TCP/IP, network discovery, DNS enumeration, vulnerability scanning, exploitation methods and privilege escalation. The candidate must be able to write objective, detailed reports explaining security issues.
· Bachelors degree or higher, Masters Degree preferred.
· Information Security experience of a minimum of three years
· Knowledge of UNIX, Windows and other operating systems
· Knowledge of popular databases such as MSSQL, Oracle, and MySQL
· Deep Knowledge of TCP/IP, network protocols, firewall evasion, ethical hacking, routing protocols
· Experience in evading IDS/IPS, access control lists
· Experience with Nmap, Nessus/Qualys, Metasploit, Paros, Kismet, aircrack-ng, etc.
· Ability to write customized scripts using at least two of bash, Perl, Ruby, Python
· Knowledge of C/C++, Java, C#, etc would be beneficial
· Ability to travel 50%-75%, must possess drivers’ license
· Strong report writing skills and ability to explain complex security issues to customers
· Must be a flexible team player, hard-working, excellent communication and customer-facing skills
· Security certifications such as CISSP, CEH, SANS GSEC, etc. beneficial
· PCI DSS experience preferred
AT&T is an Affirmative Action/Equal Opportunity Employer, and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V