Job Information
AT&T Lead Cybersecurity - RATE (Risk Assessment Testing and Enforcement) in Hyderabad, India
About the Company:
Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.
About the Job:
The RATE (Risk Assessment Testing and Enforcement) team is part of Chief Security Office (CSO) and responsible for evaluating the products and solutions AT&T uses for possible vulnerabilities and other issues (e.g., EOSL) on an ongoing basis and ensure compliance with the AT&T policy requirements. The team works closely with the other CSO teams, ATS (AT&T Technology Services) stakeholders, Technology Strategies & Standards team, to ensure solutions and products are deployed only when they are secure, authorized and appropriately supported thereby adhering to Secure by design principles.
Experience Level: 13+ years.
Location: Hyderabad / Bengaluru
Responsibilities Include:
Executing and leading Application Security/Product security assessments, identifying issues that needs appropriate risk treatment, and reporting them to the senior ATS stakeholders.
Partnering with RATE (Risk Assessment Testing and Enforcement) leadership to help them recommend and enforce approved Technology Standards for use across the enterprise.
Suggest ways to enhance the review process for better effectiveness and efficiency.
Supporting the development / enhancement of processes / tooling that helps better identify / record / address the information security risks .
Suggest ways to enhance the review process for better effectiveness and efficiency.
Ability to interpret and act on assigned tasks
Ability to review the activity/tasks completed by other assessors for quality
Required Skills:
13+ years minimum experience in Cyber Security, Cyber Risk management / risk consulting, application/product security, software security and vulnerabilities.
Good understanding of various third-party risk management frameworks and standards.
Knowledge of OWASP TOP 10 and Network Security
Experience in IT General Controls (ITGC) and IT Application Controls (ITAC) testing and evaluation
Familiarity with cloud security controls and best practices
Experience and understanding of AI/ML working principles, including control testing and related risks
Experience in leading project automation activities
Good exposure to regulatory requirements in other industries.
Proven program management and project automation skills.
Understanding of Cyber Security Risk Management processes
Familiarity with GDPR, ISO 27001, SOC 2, and related standards/frameworks and compliance requirements
Certified Ethical Hacker (CEH) certification or equivalent skills
Knowledge of vulnerabilities, threat identification, and remediation; ability to understand and analyze penetration test (Pentest) reports
Working knowledge of PCI-DSS compliance and control requirements
Desirable Skills:
Bachelor's or master's degree in computer science, Mathematics, Information Systems, Engineering, Commerce or Cyber Security.
Prior experience with Telecom sector.
ISACA, ISC2 or other relevant certifications.
Additional Information:
Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).
Experience leveraging AI-enabled tools (such as Copilot for Security, Darktrace, CrowdStrike Charlotte AI, or custom LLM integrations) to enhance detection, response, and automation workflows.
Understanding of LLM safety, prompt engineering, or AI governance frameworks (e.g., NIST AI RMF, EU AI Act readiness) is a plus.
Exposure to data science fundamentals relevant to security (pattern recognition, supervised vs. unsupervised learning, model validation).
Awareness of AI-driven risks (e.g., adversarial ML, data poisoning, model hallucination) and their mitigation within enterprise environments.
Interest in leveraging GenAI for security operations, such as summarizing alerts, drafting reports, or automating incident triage.
Need to be flexible to provide coverage in US morning hours.
#Cybersecurity
Weekly Hours:
40
Time Type:
Regular
Location:
IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City, IND:KA:Bengaluru / Innovator Building, Itpb, Whitefield Rd - Adm: Intl Tech Park, Innovator Bldg
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status