1+ months

Principal-Technology Security-Vulnerability Management

Austin, TX 78703
Apply Now
Apply on the Company Site
The **Principal Technology Security** position is responsible for facilitating end to end annual Service Provider Payment Card Industry (PCI) audits with internal employees and our external auditing firm.


**Key Role and Responsibilities:**


1. Facilitate training for internal employees covering the latest PCI requirements.

2. Interface with and conduct meetings with internal employees to obtain, review, and analyze information from complex systems to include applications, operating systems, databases, and Network devices data in order to identify risk, exposures, and help identify compensating controls to help reduce identified security gaps and risk.

3. Interface with and conduct meetings with internal employees and external auditors in order to address security control gaps identified in the information provided for review and evaluation by the external auditor.

4. Prepare weekly and month reports providing status and details of outstanding audit items and overall status of each audit.

5. Schedule and conduct weekly status meetings to review the status of each item and facilitate working sessions to help address open audit issues.

6. Closely manage multiple audits with varying deliverable dates across numerous stakeholders in order to drive successful completion of each PCI audit engagement and provide visibility of roadblocks that could jeopardize the audit completing on time.

7. Perform research and analysis for various audit topics to gain insights and make recommendations to properly address in scope issues.

8. Contribute to the overall success of the team and assist in capturing lessons learned and conducting postmortems to improve the processes and tools for our internal partnering teams and the PCI audit management team.


Create postmortem presentations identifying issues encountered during the audit that must be addressed to ensure we are compliant with all applicable requirements. Ensure the appropriate Data and Control Owners have visibility to the postmortem issues and they provide remediation plans to address all open issues.


**Desired Skills**


1. Bachelors degree in Computer Science with an emphasis in information systems is preferred.

2. 5 10 years experience in IT operations and security operations is preferred.

3. In-depth knowledge and experience in IT Security, access controls, network security, logging and monitoring, vulnerability assessments, system hardening, and secure software development is preferred.

4. In-depth knowledge of auditing practices and experience with Payment Card Industry Data Security Standards is preferred.

5. The following certifications are an asset, CISSP, CISM, CCSK, CCSP, Project Management, and CISA.


**Required Skills**


1. Advance audit management, project management, time management, Microsoft PowerPoint, Excel, Outlook, and Word skills.

2. Advanced verbal and written skills.

3. Proven ability to perform complex analysis of data to determine trends and develop action plans.


**Required Qualifications:**


+ Bachelor's degree in Computer Science, or Engineering in Mechanical Engineering with specialization in Industrial Production Engineering or a technical related field

+ 5-8 years experience in IT security.

+ Knowledge in application security standards and process.

+ Proficient in database security.

+ Knowledge in identity and access management (access control and provisioning, theft tactics, etc.) and tools (SecurID cards, etc.)

+ Knowledge in network architecture and infrastructure components (Carrier-based network routers and switches, IPv6, etc.)

+ Knowledge in business continuity and disaster recovery (planning, etc.)

+ Proficient in Security Engineering, Planning and Monitoring

+ Knowledge in security hardware and software

+ Knowledge in Anti-virus (Virus, Worm, Malware, etc.)

+ Proficient in Cyber security tools (Sensage, etc.)

+ Understands identity and access management tools (SecurID cards, etc.).

+ Proficient in Cloud Computing (Internet data center architectures, hosting and application services, etc.).

+ Understands content distribution networks.

+ Proficient in data leakage prevention (DLP) technologies.

+ Knowledge in security audit, review, risk assessment, regulatory, controls (Audit and control structures, audit processes (SAS 70), Compliance assessment tools, etc.)


**Desired Qualifications** -


+ Certification in CISSP, CISA, CISM, other security or security technologies related certifications (i.e., CISCO, MSFT, Checkpoint, etc.)


AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status.
Posted: 2021-11-22 Expires: 2022-02-18
Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Principal-Technology Security-Vulnerability Management

AT&T
Austin, TX 78703

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast