1+ months

Cyber Security Engineer

El Segundo, CA 90245
Apply Now
Apply on the Company Site

AT&T DIRECTV is an industry leader in connecting viewers with entertainment on any screen wherever they are. The Entertainment Group is at the tip of the spear of delivering these cutting-edge products to consumers and ensuring that they are deployed with the appropriate Risk Management controls in place to provide the highest level of quality to our customers world-wide. We are seeking highly motivated individuals with a desire to learn about the complex environment that is behind our video products and use their knowledge to identify ways to simplify the way Risk is reduced and ensure the environments are in compliance and secure. In joining the Risk Management Team as a Professional - Software Engineer individual contributor, your role will be to identify areas to improve the way we deploy, monitor and manage our platform risk through automation, dashboards, web interfaces, and reporting with applications like Splunk ESM and ServiceNOW. In this role you will focus on clearly understanding requirements and, with constant motivation to do things right the first time, identify the simplest designs and implementations. Using Agile methods, you will work with Architecture, Operational, and Project Leads to develop solutions create user stories, and track your task via a SCRUM or KanBan board.

The duties, tasks, and responsibilities of cyber security engineers vary differently in accordance to the needs of the client or organization they work for. However, the following job description example shows the major functions they normally perform:
- Partake in technical design reviews, integration, testing, and documentation work
- Responsible for technical advisory to research teams
- Update, sustain, and administer a high level of security for in-house security infrastructures
- Run vulnerability valuation and fizzing of protocols, hardware, and software
- Apply system security engineering principles to deliver real solutions premeditated to enhance the security position
- Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cyber security white papers, and provide first-class support to the cyber security operations staff for resolving difficult cyber security issues
- Write Risk Management Framework (RMF)-based policies and procedures, and develop comprehensive cyber security processes to contain implementation
- Manage and lead security incident response efforts
- Configure Windows and Linux host-based security as well as network and cloud-based security systems
- Support with the installation and configuration of network security architectures, including firewalls, router ACLs (Access Control Lists), web content filters and Demilitarized Zones (DMZ)
- Observe and respond to Intrusion Detection System (IDS) cues and anti-virus alerts.

Key duties:
- Develop and carry out information security plans and policies
- Develop strategies to respond to and recover from a security breach
- Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats
- Awareness training of the workforce on information security standards, policies and best practices
- Implement protections
- Installation and use of firewalls, data encryption and other security products and procedures
- Conduct periodic network scans to find any vulnerability
- Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses
- Monitor networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior
- Investigate security breaches
- Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage


Key technical skills include:
- Expertise in anti-virus software, intrusion detection, firewalls and content filtering
- Knowledge of risk assessment tools, technologies and methods
- Expertise in designing secure networks, systems and application architectures
- Disaster recovery, computer forensic tools, technologies and methods
- Planning, researching and developing security policies, standards and procedures
- System administration, supporting multiple platforms and applications
- Expertise with mobile code, malicious code, and anti-virus software
- The security engineer should also have experience with and knowledge of:
- Endpoint security solutions, including file integrity monitoring and data loss prevention
- AWS and cloud platform as a service (PaaS) security
- Automating security testing tools
- Cloud configuration management tools

General skills include:
- Ability to multi-task with a calm demeanor and work under pressure in a fast-paced environment
- Excellent communication skills to communicate network security issues to peers and management
- Attention to details and good problem-solving skills
- Strong organizational skills
- The ability to thrive in fast-paced, high-stress situations
- Education/certifications supporting the role of Security Engineer

Requirements Skills, Abilities, and Knowledge
- 3 years plus of experience identifying threats and developing appropriate protection measures
- Ability to review system changes for security implications and recommending improvements
- Understanding of cyber security methodologies
- Proficient in AWS, AZURE, Java, Net, C++, Python, bash, power shell, others
- Knowledge of Splunk ESM and ServiceNOW
- Good team player, self-confident, motivated, and independent
- Bachelors degree or equivalent in Computer engineering/science preferred
- Current knowledge of technology capabilities and trends; types, and techniques of hacking attacks in the wild
- Understanding of the OSI (Open Systems Interconnection) model and renowned ports and services can be an added advantage
- Significant networking experience with the TCP/IP (Transmission Control Protocol/Internet Protocol) stack can be an added advantage
- Veteran enterprise-level security strategic planning experience can be an added advantage
- Knowledge Risk Management Framework (RMF) processes can be an added advantage.

One of five potential security-related certifications or capacity to acquire a Public Trust security clearance:

CISSP - Certified Information Systems Security Professional
CISA Certified Information Systems Auditor
CEH Certified Ethical Hacker
CISM Certified Information Security Manager (CISM)
ISSAP Information Systems Security Architecture Professional
ISSEP Information Systems Security Engineering Professional


Key technical skills include:
- Expertise in anti-virus software, intrusion detection, firewalls and content filtering
- Knowledge of risk assessment tools, technologies and methods
- Expertise in designing secure networks, systems and application architectures
- Disaster recovery, computer forensic tools, technologies and methods
- Planning, researching and developing security policies, standards and procedures
- System administration, supporting multiple platforms and applications
- Expertise with mobile code, malicious code, and anti-virus software
- The security engineer should also have experience with and knowledge of:
- Endpoint security solutions, including file integrity monitoring and data loss prevention
- AWS and cloud platform as a service (PaaS) security
- Automating security testing tools
- Cloud configuration management tools

General skills include:
- Ability to multi-task with a calm demeanor and work under pressure in a fast-paced environment
- Excellent communication skills to communicate network security issues to peers and management
- Attention to details and good problem-solving skills
- Strong organizational skills
- The ability to thrive in fast-paced, high-stress situations
- Education/certifications supporting the role of Security Engineer

Requirements Skills, Abilities, and Knowledge
- 3 years plus of experience identifying threats and developing appropriate protection measures
- Ability to review system changes for security implications and recommending improvements
- Understanding of cyber security methodologies
- Proficient in AWS, AZURE, Java, Net, C++, Python, bash, power shell, others
- Knowledge of Splunk ESM and ServiceNOW
- Good team player, self-confident, motivated, and independent
- Bachelors degree or equivalent in Computer engineering/science preferred
- Current knowledge of technology capabilities and trends; types, and techniques of hacking attacks in the wild
- Understanding of the OSI (Open Systems Interconnection) model and renowned ports and services can be an added advantage
- Significant networking experience with the TCP/IP (Transmission Control Protocol/Internet Protocol) stack can be an added advantage
- Veteran enterprise-level security strategic planning experience can be an added advantage
- Knowledge Risk Management Framework (RMF) processes can be an added advantage.

One of five potential security-related certifications or capacity to acquire a Public Trust security clearance:

CISSP - Certified Information Systems Security Professional
CISA Certified Information Systems Auditor
CEH Certified Ethical Hacker
CISM Certified Information Security Manager (CISM)
ISSAP Information Systems Security Architecture Professional
ISSEP Information Systems Security Engineering Professional

Posted: 2020-02-05 Expires: 2020-04-26

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cyber Security Engineer

AT&T
El Segundo, CA 90245

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast