AT&T

Principal Cybersecurity Engineer – Cloud Infrastructure, Security Control Validation

AT&T

full-time

Posted on:

Location Type: Office

Location: Charlotte • New Jersey, North Carolina • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $141,300 - $211,900 per year

Job Level

Lead

Tech Stack

AWSAzureCloudCyber SecurityDNSFirewallsLinuxTCP/IPTerraform

About the role

  • Design, implement, and maintain automated image building pipelines in Azure and AWS, ensuring optimal efficiency, security, and compliance with organizational standards.
  • Manage and optimize the usage of JFrog Artifactory for artifact storage, versioning, and distribution within CI/CD workflows.
  • Develop and maintain Infrastructure-as-Code (IaC) solutions for cloud resource orchestration using Terraform, including the creation, deployment, and lifecycle management of cloud resources.
  • Integrate and operate cloud-native and third-party security controls for vulnerability scanning, image hardening, access controls, and compliance monitoring in both Azure and AWS environments.
  • Onboard new applications and workloads to secure cloud platforms, establishing automated checks and controls throughout the image pipeline.
  • Conduct hands-on deployment, configuration, policy creation, and continuous improvement for cloud security tools and controls.
  • Integrate cloud security controls and monitoring with other security solutions and centralized logging/data sources for comprehensive visibility and response capability.
  • Manage lifecycle activities for cloud infrastructure, including the upgrade and replacement of images, modules, and security components.
  • Respond to operational incidents, user requests, and cloud security events, ensuring rapid resolution and minimal impact to service availability.
  • Lead and coordinate troubleshooting efforts in high-pressure situations, collaborating with leadership and cross-functional teams to restore and secure cloud services.

Requirements

  • 5+ years of hands-on experience as a security-focused cloud engineer, with proven expertise configuring, operating, and managing security controls for both on-premises and cloud-native environments.
  • Demonstrated ability to serve as a subject matter expert (SME) in cybersecurity within large, rapidly evolving enterprise cloud infrastructures.
  • In-depth engineering and operational knowledge of essential security technologies, such as endpoint detection and response (EDR), data loss prevention (DLP), firewalls, web application firewalls (WAF), proxy solutions.
  • Advanced experience with identity and access management in the cloud, including integration with providers such as SSO, SAML, Active Directory, and Microsoft Entra, ensuring robust authentication and authorization.
  • Thorough understanding of cloud security architecture for web applications and platforms, including application firewalls, secure frameworks, and protocols relevant to secure deployment and operation.
  • Comprehensive knowledge of TCP/IP, web protocols, DNS, and networking from a security perspective, with the ability to identify, mitigate, and respond to related threats.
  • Expertise in mainstream operating systems (particularly Linux), web services, programming languages, network devices, and current attack vectors, emphasizing security best practices at every stage.
  • Proficient in analyzing logs, correlating security data, and conducting packet captures to investigate and respond to security incidents in cloud environments.
  • Strong scripting and automation skills using shell and mainstream programming languages to enforce security policies and automate threat detection or response.
  • Senior-level understanding and application of PKI technologies as part of secure cloud deployments.
  • Working knowledge of both open-source and commercial application security tools and frameworks to ensure continuous monitoring and compliance in cloud infrastructure.
  • Experience with security validation tools like SafeBreach or in vulnerability management is a plus.
Benefits
  • Medical/Dental/Vision coverage
  • 401(k) plan
  • Tuition reimbursement program
  • Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
  • Paid Parental Leave
  • Paid Caregiver Leave
  • Additional sick leave beyond what state and local law require may be available but is unprotected
  • Adoption Reimbursement
  • Disability Benefits (short term and long term)
  • Life and Accidental Death Insurance
  • Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
  • Employee Assistance Programs (EAP)
  • Extensive employee wellness programs
  • Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
automated image buildingInfrastructure-as-Code (IaC)Terraformcloud security architectureendpoint detection and response (EDR)data loss prevention (DLP)identity and access managementscriptingnetworkingPKI technologies
Soft skills
collaborationtroubleshootingleadershipcommunicationproblem-solvingincident responseadaptabilitycritical thinkingteam coordinationtime management