AppSec Vulnerability Risk Lead

AT&T

Technology Risk Lead overseeing the Vulnerability Management & Application Security domains at AT&T. Collaborate with teams to enhance security posture and manage risks effectively.

Posted 5/29/2026full-timeCharlotte • North Carolina, Texas • 🇺🇸 United StatesSenior💰 $141,300 - $211,900 per yearWebsite

Tech Stack

Tools & technologies

Cyber Security

About the role

Key responsibilities & impact

Identify, assess, and document controls and risks across Vulnerability Management & Application Security activities, maintaining a proactive approach to emerging threats and vulnerabilities.
Continuously evaluate emerging AI security threats and proactively recommend mitigations and enhancements to existing controls.
Drive efforts around Issues Management and Remediation in line with the Technology Risk Management program.
Partner with and advise key stakeholders across technology, business, and risk partners to identify, assess, respond, and monitor key risks to keep AT&T and our customers safe and resilient.
Support Tech Risk teams responsible for risk monitoring, periodic controls testing, evidence collection, remediation, and audit readiness efforts.

Requirements

What you’ll need

Preferred Bachelor's Degree in Information Systems, Engineering, Cyber Security, or a related field.
5+ years of work experience in technology, operational risk management, or a related discipline at a global company.
Significant (5-7 years) experience in multiple industry risk, control, and governance disciplines (e.g., Audit, Information Security, Regulatory Compliance).
Proven experience in vulnerability management and application security, including identifying, assessing, prioritizing, and remediating vulnerabilities in complex environments.
Strong understanding of AI-specific threats (e.g., adversarial attacks, model theft, data poisoning) and practical experience in mitigating these risks within enterprise environments.
Strong experience in Information security risk and cybersecurity control capabilities with extensive knowledge of information and technology risk management policies, methods, standards, tools, and processes (e.g., ISO, COSO, COBIT, NIST) as well as knowledge of compliance, legal, internal/external audit, and regulatory requirements.
Experience identifying, tracking, monitoring, and remediating critical non-compliance issues throughout the issue management lifecycle.
Strong client relationship management experience, communication, and influencing skills.
Strong interpersonal and oral/written communication skills, able to build relationships with people at all levels.

Benefits

Comp & perks

Medical/Dental/Vision coverage
401(k) plan
Tuition reimbursement program
Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
Paid Parental Leave
Paid Caregiver Leave
Additional sick leave beyond what state and local law require may be available but is unprotected
Adoption Reimbursement
Disability Benefits (short term and long term)
Life and Accidental Death Insurance
Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
Employee Assistance Programs (EAP)
Extensive employee wellness programs
Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

vulnerability managementapplication securityrisk managementcybersecurityAI security threatscontrols testingremediationaudit readinessinformation securityregulatory compliance

Soft Skills

client relationship managementcommunication skillsinfluencing skillsinterpersonal skillsoral communicationwritten communicationstakeholder engagementproblem-solvingcollaborationproactive approach