Lead Cybersecurity - Application Security DevSecOps ...

Job Description: This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered. Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you wonu2019t just imagine the future-youu2019ll create it. The Dynamic Application Security Testing (DAST) Subject Matter Expert (SME) will work in the field of application security focused on dynamic testing techniques that analyze running applications to identify security vulnerabilities. This involves testing the application from external environments while applications are in operation, simulating real-world attacks and uncovering runtime issues such as input validation errors, authentication weaknesses, and security misconfigurations. Key Responsibilities: u2022 Lead the implementation, configuration, and optimization of DAST tools across development pipelines. u2022 Define and maintain best practices and standards for dynamic application security testing. u2022 Perform in-depth vulnerability assessments and security testing on web applications, APIs, and mobile apps. u2022 Collaborate closely with development, DevOps, and security teams to integrate DAST into CI/CD workflows. u2022 Analyze DAST scan results, validate findings, and prioritize remediation efforts based on risk. u2022 Stay current on emerging threats, vulnerabilities, and exploits relevant to application security. u2022 Provide expert guidance and training to teams on interpreting DAST reports and remediation strategies. u2022 Support compliance efforts by ensuring security testing meets regulatory and industry standards. Work Experience: u2022 Typically, 4-8 years of experience in application security, with significant hands-on experience using DAST tools and methodologies. u2022 Proven expertise in testing complex web applications, APIs, and mobile applications for security vulnerabilities. u2022 Experience integrating DAST tools (e.g., Burp Suite, IBM AppScan, HCL AppScan, Netsparker, Acunetix) into CI/CD pipelines and DevSecOps environments. u2022 Strong understanding of application security standards (e.g., OWASP Top Ten, SANS CWE Top 25). u2022 Knowledge of complementary security testing approaches such as Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST). u2022 Effective communication skills and experience collaborating with development teams to remediate vulnerabilities. u2022 Familiarity with programming languages and frameworks commonly used in web and mobile applications, including Java, Python, Bash/Shell Scripting, PHP, Javascript, etc. Education: u2022 Bacheloru2019s degree in Computer Science, Information Security, Software Engineering, or a related discipline is preferred. u2022 Advanced degrees (Masteru2019s or certifications) can enhance expertise and credibility. u2022 Relevant certifications such as: u2022 Certified Ethical Hacker (CEH) u2022 Offensive Security Certified Professional (OSCP) u2022 GIAC Web Application Penetration Tester (GWAPT) u2022 Certified Application Security Engineer (CASE) u2022 Certifications specifically related to security testing tools (e.g., Burp Suite Certified Practitioner) Additional Skills: u2022 Deep technical knowledge of dynamic security testing tools and techniques. u2022 Strong analytical skills to interpret scan results and distinguish false positives. u2022 Solid understanding of web protocols, authentication mechanisms, and session management. u2022 Ability to lead security testing initiatives and mentor junior security engineers. u2022 Continuous learner mindset to stay ahead of evolving security threats and testing technologies. Supervisor: No Our Lead Cybersecurity earns between$128,400-$192,600 USD Annual Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training. Joining our team comes with amazing perks and benefits: + Medical/Dental/Vision coverage + 401(k) plan + Tuition reimbursement program + Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays) + Paid Parental Leave + Paid Caregiver Leave + Additional sick leave beyond what state and local law require may be available but is unprotected + Adoption Reimbursement + Disability Benefits (short term and long term) + Life and Accidental Death Insurance + Supplemental benefit programs: critical illness/accident hospital indemnity/group legal + Employee Assistance Programs (EAP) + Extensive employee wellness programs + Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, + AT&T internet (and fiber where available) and AT&T phone. #LI-Onsite u2013 Full-time office role- Ready to join our team? Apply today Weekly Hours: 40 Time Type: Regular Location: USA:NC:Charlotte / Research Dr - Dat:9139 Research Dr Salary Range: $128,400.00 - $215,800.00 It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status

Created: 2026-02-06