Lead Cybersecurity

Role Senior Lead - Control Testing Deep Dive Reviews About the Company Join AT T and reimagine the communications and technologies that connect the world Our Chief Security Office ensures that our assets are safeguarded through truthful transparency enforce accountability and master cybersecurity to stay ahead of threats Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter When you step into a career with AT T you will not just imagine the future-you will create it About the Job The Control Testing Reporting CTR team is part of Chief Security Office CSO and responsible for testing information technology information security and application controls owned and operated by AT T Technology Services ATS which includes CSO This role holder joins the CTR team as an expert individual contributor This person Is responsible for end-to-end execution of deep dive reviews focused on critical infrastructure applications or transformation projects of AT T Leads analysis of complex information technology security and business issues and provides clear articulation of risk to AT T s critical assets devices networks applications data and customers Leads and drives strategic technology risk management program related activities with a focus on innovation and automation Understands and stays up to date with telecom industry trends in technology risk management Brings expert knowledge in various tools processes and telecom industry best practices used in technology risk management to AT T and supports the Technology Risk Management Framework TRMF build out Experience Level 12 years Location Hyderabad Bengaluru Responsibilities include Collaborating with ATS and business leadership to gather review requirements and understand engagement objectives Conducting comprehensive technology risk reviews such as Targeted pre-implementation post-remediation and strategic project reviews basis the engagement needs Contributing to the design and enhancement of the Risk and Controls Matrix supporting robust risk identification and mitigation Assessing IT General Controls ITGCs IT Application Controls ITACs business process controls and system interfaces for design adequacy and operating effectiveness Identifying technology risks and control gaps providing practical recommendations for remediation and improvement including those related to telecom network resilience lawful intercept and critical service continuity Defining and executing test procedures to evaluate the design and operational effectiveness of controls Reviewing remediation efforts and validate the implementation of recommended actions Preparing clear and concise reports summarizing findings risk implications and proposed solutions Supporting risk assessments for strategic initiatives including network technology transformations large-scale OSS BSS upgrades and telecom M A activity Staying current with emerging technology risks regulatory requirements and industry best practices Required skills Minimum 12 Senior 15 Lead years of experience in technology risk management or consulting including at least 10 years in the design or testing of controls for critical IT infrastructure and applications preferably with a focus on telecom network and application security Demonstrated experience in IT audits and cyber security assessments including telecom-specific compliance frameworks Comprehensive understanding of risk management frameworks COBIT NIST ISO 27001 etc with a track record of applying and integrating these frameworks to meet telecom-specific regulations like FCC CPNI and PCI DSS Working knowledge of regulatory and compliance requirements SOX PCI DSS CCPA etc Proficiency in ITGC and ITAC including user access change management data integrity and system interfaces Demonstrated expertise in implementing and or evaluating business process controls and or conducting risk assessments in telecom-specific IT environments such as billing plan management customer acquisition provisioning mediation network management platforms Proven experience supporting risk assessments for strategic initiatives including network or technology transformations large-scale upgrades and mergers acquisitions M A within the telecommunications sector Familiarity with system implementation integration and post-remediation review practices Excellent analytical and problem-solving skills Strong communication and interpersonal skills with the ability to convey complex security concepts to both technical and non-technical audiences Detail-oriented with strong organizational and project management skills Desirable skills Bachelor s degree in computer science Mathematics Information Systems Engineering or Cyber Security Prior experience with Telecom sector ISACA ISC2 or other relevant certifications The candidate should be comfortable driving people change and have a track record of successfully navigating organizational changes Demonstrated expertise in creating organization level control testing programs working effectively with a broad group of stakeholders Flexible and creative thinker with strong execution skills generates out-of-the-box solutions manages ambiguity anticipates the impact of decisions initiatives and able to move seamlessly from high level concepts to details Additional information if any Need to be flexible to provide coverage in US morning hours Weekly Hours 40 Time Type Regular Location IND AP Hyderabad Argus Bldg 4f 5f Sattva Knowledge City- Adm Argus Building Sattva Knowledge City It is the policy of AT T to provide equal employment opportunity EEO to all persons regardless of age color national origin citizenship status physical or mental disability race religion creed gender sex sexual orientation gender identity and or expression genetic information marital status status with regard to public assistance veteran status or any other characteristic protected by federal state or local law In addition AT T will provide reasonable accommodations for qualified individuals with disabilities AT T is a fair chance employer and does not initiate a background check until an offer is made