Role – Senior Cybersecurity – Endpoint Security and Infrastructure Security (Sentinel One, Proofpoint, Guardicore, VPN and DLP security solutions)

About the Company:

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it

About the Role:

Our team is seeking an experienced technologist to join our Cybersecurity team.

Working as a Senior Cybersecurity within CSO, you will work with application owners, business partners, and other CSO teams; to design, implement, and maintain AT&T endpoint and infrastructure security strategy. Focusing on protecting endpoints from threats (E.g. phishing, malware, data breaches) enact new security standards, and research emerging standards and protocols. The role involves creating, maintaining and enforcing robust endpoint security policies that align with AT&T's business needs and security best practices.

Roles & Responsibilities:

The Individual in this role will

• Architect and Lead Sentinel One Deployments: Design and implement Sentinel One, Proofpoint, Guardicore, VPN and DLP security solutions for a wide range of infrastructure and endpoints, ensuring scalable, resilient, and effective protection across:Multiple Linux distributions (RHEL, Ubuntu, CentOS, etc.)
• Windows Server (various versions)
• Windows and MacOS endpoints
• Virtual desktop infrastructure (HVDs)
• Kubernetes clusters running on-prem and in cloud environments

Integration & Automation:

• Integrate with other security solutions and automation using APIs.

Security Policy Management:

• Define, optimize, and enforce Sentinel One, Proofpoint, Guardicore, VPN and DLP security policies for different operating systems and device types, balancing security posture with operational requirements.

Threat Detection & Incident Response:

• Collaborate with SOC and IR teams to tune Sentinel One, Proofpoint, Guardicore, VPN and DLP detections. Assist in the response to threats and the investigation of security incidents across the environment.
• Cross-Platform Expertise:
• Provide deep technical expertise in handling endpoint security for heterogeneous systems, troubleshooting compatibility issues, and optimizing performance.

Technical Leadership & Documentation:

• Serve as the subject matter expert for endpoint security, producing architectural diagrams, technical documentation, runbooks, and best practices guides.

Collaboration & Training:

• Partner with IT, DevOps, and security teams to ensure seamless integration with existing infrastructure and provide training on Sentinel One, Proofpoint, Guardicore, VPN and DLP usage and endpoint security hygiene.
• Continuous Improvement:
  Stay updated on emerging threats, Sentinel One, Proofpoint, Guardicore, VPN and DLP product updates, and industry best practices. Recommend enhancements to improve detection and response capabilities.

Required Skills:

• Minimum 10+ years in cybersecurity roles, with at least 4-6 years architecting and supporting large-scale endpoint and infrastructure protection platforms (preferably Sentinel One, Proofpoint, Guardicore, VPN and DLP).

• Operating system and Infrastructure Proficiency:Experience with Linux (multiple distros), MacOS and Windows server/client administration

• Knowledge of Virtual desktop infrastructure (VMware, Citrix, Azure Virtual Desktop)

• Knowledge of Kubernetes and application deployment.

• Security Frameworks: Familiarity with NIST, CIS, MITRE ATT&CK, and other security standards.

• Automation and coding: PowerShell, Bash, Python; CI/CD (GitHub/GitLab/Azure DevOps); API integration skills.

• Experience with the Singularity platform (EPP/EDR/XDR) is preferred.

• Familiarity with OT/IoT discovery and segmentation; network isolation strategies for branch and edge.

• Certified in Engineering and Administration areas of Sentinel One, Proofpoint, Guardicore, VPN and DLP, is highly desirable.

• The candidate must have excellent analytical and problem-solving skills, be self-motivated and work independently

• Sense of urgency and attention to detail.

• Should be flexible to work on weekends.

• Should be flexible to provide coverage in US morning hours.

Desired Skills:

• Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).
• Experience leveraging AI-enabled tools (such as Copilot for Security, Darktrace, Crowd Strike Charlotte AI, or custom LLM integrations) to enhance detection, response, and automation workflows.
• Understanding of LLM safety, prompt engineering, or AI governance frameworks (e.g., NIST AI RMF, EU AI Act readiness) is a plus.
• Exposure to data science fundamentals relevant to security (pattern recognition, supervised vs. unsupervised learning, model validation).
• Awareness of AI-driven risks (e.g., adversarial ML, data poisoning, model hallucination) and their mitigation within enterprise environments.
• Interest in leveraging GenAI for security operations, such as summarizing alerts, drafting reports, or automating incident triage.
• CISSP, CISM, SANS GIAC or relevant cybersecurity
• Excellent communication skills including metrics/performance documentation/presentation, technical drawing/architecture origination and modification
• Operates well under pressure and urgent circumstances
• Self-reliant and diligent in follow-through for assigned tasks
• Ability to work with a geographically disperse team
• Engaged collaborator, contributor and team player
• Experience working in an environment where coordination with multiple teams is essential to success
• Ability to prioritize individual/group work in a high-stress and time-bound environment
• Bachelor’s / Master's degree in Information Systems, Engineering, Mathematics. Computer Science or Cyber Security or equivalent experience.

"1. Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).

1. Experience leveraging AI-enabled tools (such as Copilot for Security, Darktrace, Crowd Strike Charlotte AI, or custom LLM integrations) to enhance detection, response, and automation workflows.

2. Understanding of LLM safety, prompt engineering, or AI governance frameworks (e.g., NIST AI RMF, EU AI Act readiness) is a plus.

3. Exposure to data science fundamentals relevant to security (pattern recognition, supervised vs. unsupervised learning, model validation).

4. Awareness of AI-driven risks (e.g., adversarial ML, data poisoning, model hallucination) and their mitigation within enterprise environments.

5. Interest in leveraging GenAI for security operations, such as summarizing alerts, drafting reports, or automating incident triage."

Additional Information:

Location: Hyderabad / Bengaluru

Weekly Hours:

40

Time Type:

Regular

Location:

IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.