This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

The Dynamic Application Security Testing (DAST) Subject Matter Expert (SME) will work in the field of application security focused on dynamic testing techniques that analyze running applications to identify security vulnerabilities. This involves testing the application from external environments while applications are in operation, simulating real-world attacks and uncovering runtime issues such as input validation errors, authentication weaknesses, and security misconfigurations.

Key Responsibilities:

• Lead the implementation, configuration, and optimization of DAST tools across development pipelines.

• Define and maintain best practices and standards for dynamic application security testing.

• Perform in-depth vulnerability assessments and security testing on web applications, APIs, and mobile apps.

• Collaborate closely with development, DevOps, and security teams to integrate DAST into CI/CD workflows.

• Analyze DAST scan results, validate findings, and prioritize remediation efforts based on risk.

• Stay current on emerging threats, vulnerabilities, and exploits relevant to application security.

• Provide expert guidance and training to teams on interpreting DAST reports and remediation strategies.

• Support compliance efforts by ensuring security testing meets regulatory and industry standards.

Work Experience:

• Typically, 4-8 years of experience in application security, with significant hands-on experience using DAST tools and methodologies.

• Proven expertise in testing complex web applications, APIs, and mobile applications for security vulnerabilities.

• Experience integrating DAST tools (e.g., Burp Suite, IBM App Scan, HCL App Scan, Netsparker, Acunetix) into CI/CD pipelines and Dev Sec Ops environments.

• Strong understanding of application security standards (e.g., OWASP Top Ten, SANS CWE Top 25).

• Knowledge of complementary security testing approaches such as Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST).

• Effective communication skills and experience collaborating with development teams to remediate vulnerabilities.

• Familiarity with programming languages and frameworks commonly used in web and mobile applications, including Java, Python, Bash/Shell Scripting, PHP, Javascript, etc.

-Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).

Education:

• Bachelor’s degree in Computer Science, Information Security, Software Engineering, or a related discipline is preferred.

• Advanced degrees (Master’s or certifications) can enhance expertise and credibility.

• Relevant certifications such as:

• Certified Ethical Hacker (CEH)

• Offensive Security Certified Professional (OSCP)

• GIAC Web Application Penetration Tester (GWAPT)

• Certified Application Security Engineer (CASE)

• Certifications specifically related to security testing tools (e.g., Burp Suite Certified Practitioner)

Additional Skills:

• Deep technical knowledge of dynamic security testing tools and techniques.

• Strong analytical skills to interpret scan results and distinguish false positives.

• Solid understanding of web protocols, authentication mechanisms, and session management.

• Ability to lead security testing initiatives and mentor junior security engineers.

• Continuous learner mindset to stay ahead of evolving security threats and testing technologies.

Supervisor:

No

Our Lead Cybersecurity earns between $128,400-$192,600 USD Annual Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories,
• AT&T internet (and fiber where available) and AT&T phone.

– Full-time office role-

Ready to join our team? Apply today

Weekly Hours:

40

Time Type:

Regular

Location:

• Alpharetta, Georgia, Atlanta, Georgia, Bedminster, New Jersey, Bothell, Washington, Dallas, Texas, Middletown, New Jersey, USA:NC:Charlotte / Research Dr
• Dat:9139 Research Dr

Salary Range:

$128,400.00 - $215,800.00

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.