Principal-Software Engineer - Security (DevSecOps)
AT&T's Technology Development Team is looking for a strong Principal Software Engineer with 8+ years of experience to be responsible for the overall delivery process of a software application or service, including design, development, testing, deployment, production application support (e.g., troubleshooting) and maintenance with a focus on automation.
Key Roles and Responsibilities: Collaborate to gather and review software requirements/user stories, provide estimates, create software design specifications and collaborate with engineers/architects to assess and test hardware and software interactions. Execute a specific development methodology through application of various programming languages. Create and execute automated test plans/strategies utilizing business requirements and collaborate with engineers/architects, clients, etc. to validate test environments, test data and test results, design and implement code fixes, validate outcomes against expected results and produce associated reporting. In addition to Unit Test, responsibilities may include interface testing, integration testing, end-to-end testing and/or user acceptance testing. Supports applications and solves configuration and environment issues. Supports the software deployment proces s.
Functional Understanding and Working Knowledge of:
- Identity and Access Management concepts (Authentication/Authorization/MFA/ABAC/PBAC/KBA etc.).
- Experience with one of the industry leading IAM products (IBM, Oracle, CA etc)
- IAM Industry Standard Protocols (OIDC, oAUTH, SAML etc)
- Perimeter security controls - firewall, IDS/IPS, network access control and network segmentation
- Security concepts related to DNS, routing, VPN, proxy services and DDOS mitigation technologies
- Networking/Application Protocols (TCP/IP, SSL/TLS, HTTP, VPN/IPSec, Radius etc)
- Cryptographic Algorithms (symmetric/asymmetric encryption, hashing algorithms)
- Cloud Concepts (public, private, hybrid cloud, cloud system stack architecture etc)
- OWASP Top 10
- NIST IAM standards
- Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
• Technologies - Java; C/C++; Oracle; Oriented Development; Unix/Linux; Scripting; HTML5/CSS3; Ansible; Windows, UNIX and Linux operating systems
Back to top