O pozici
At AT&T we’re redefining the future of communication by connecting people to greater possibility – with expertise, simplicity, and inspiration. At the heart of our purpose lies a workforce of 130,000 people and a culture that aspires to serve customers first, act boldly, move faster, and win as one. We are seeking an experienced and proactive Application Security Consultant (ASC) to strengthen our regional application security capabilities. The ASC will act as a key liaison between development teams and the Chief Security Office, ensuring that security best practices are understood, implemented, and continuously improved. This role combines technical expertise, strong communication, and a passion for driving a security-first culture.
Co budeš dělat
- Team Liaison: Serve as primary point of contact (POC) for application teams, facilitate effective communication and maintain the escalation matrix.
- AI Enabled Identification and Remediation: The ASC will enable AI-powered scanners (SAST/DAST/SCA) to analyze code patterns, reducing false positives and AI-generated fix recommendations directly into developer IDEs.
- Security Evangelist: Foster security awareness and best practices within development teams, nurturing a culture of shared responsibility.
- Remediation Support: Guide and support development teams in the remediation of identified application security vulnerabilities, providing practical solutions and technical assistance to ensure timely closure of security issues.
- Troubleshoot Scans & False Positive Vetting: Analyze application security scan results (SAST, DAST, SCA etc.), assist teams in resolving findings, and validate false positives.
- Application Scorecard Monitoring: Oversee application security scorecards, track key metrics, and provide actionable insights and recommendations.
- Ticket Management: Monitor, prioritize, and track security tickets, providing timely updates and ensuring resolution.
- Application Risk Assessment: Lead or support application risk assessments as needed.
- Tool Integration & Support: Guide and assist teams in using security testing tools (static and dynamic analysis) and help reduce false positives.
- Knowledge Sharing & Mentoring: Provide training and mentorship on security concepts, helping teams integrate security into their daily workflow.
Koho hledáme
- Experience: 12+ years in application security, software development, or information security consulting
- Demonstrated experience with application security practices including security testing and remediation.
- Understanding and Exposure to AI enabled Application security Tools and practices.
- Proficiency in application security principles, vulnerability management, and secure development practices.
- Experience in performing SAST, DAST and SCA scans.
- Expertise in Application security vulnerabilities and remediation.
- Familiarity with threat modeling, risk assessment, and security tool integration
- Understanding of modern development workflows and DevSecOps concepts
- Excellent English proficiency (spoken and written)
- Ability to communicate technical concepts to both technical and non-technical stakeholders
- Strong analytical, troubleshooting, and problem-solving skills
- High attention to detail, organizational, and documentation skills
- Self-motivated and able to work independently and as part of a distributed team
- Bachelor’s degree (BS/BA) in Computer Science, Information Security, or a related field is preferred
- Certifications such as CISSP, CSSLP or equivalent industry recognized certifications.
Benefity
- A career with us, a global leader in communications and technology, comes with big rewards. We offer a competitive salary plus an annual company performance bonus.
- Once you are a part of the team, you will gain some amazing perks and benefits including wellness & leisure time contribution, sickness compensation plan, premium medical services, family friendly benefits as well as meal contribution and extra days off (…and much more).
