Job Description:
Role: Specialist – Control Testing
About the Company:
Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.
About the Job:
The Control Testing & Reporting (CTR) team is part of Chief Security Office (CSO) and responsible for testing information technology and information security controls owned and operated by AT&T Technology Services (ATS), which includes CSO. This Specialist joins the CTR team to work and collaborate with our control owners, control operators and technology leadership to identify gaps in design and operating effectiveness of AT&T’s controls.
The professional in this role will independently test IT General Controls (ITGC), Cloud security, Critical application security, and other information technology and information security controls necessary for regulatory compliance (e.g., SOX, PCI DSS).
Experience Level: 5+ years.
Location: Hyderabad / Bengaluru
Responsibilities Include:
- Supporting the CTR team leadership in prioritizing & planning, and annual test plan preparation activities.
- Independently executing engagements assigned from the annual testing plan or other discrete engagements (test script preparation, walkthroughs, issue identification, obtaining stakeholder agreement, documentation and reporting them to senior ATS stakeholders) within the expected timelines and quality parameters, while working closely with internal stakeholders for better efficiency.
- Providing clear analysis of information technology and security issues and provides clear articulation of risk to AT&T assets (devices, networks, applications & data), and customers.
- Contributing the development of a Control Testing Methodology and other key components of Technology Risk Management Framework (TRMF) and tooling that are related to or impact control testing.
Required skills:
- Minimum 5 years’ experience in Technology Risk Management or Consulting or Assurance with at least 3 of those years in design or testing of controls in the areas of information technology and information security (SOX / ITGC / Critical application security / Cloud security)
- Good understanding of regulatory requirements like SOX, PCIDSS etc.
- Good documentation and effective articulation skills.
Desirable skills:
- Bachelors degree in Computer Science, Mathematics, Information Systems, Engineering or Cyber Security.
- ISACA, ISC2 or other relevant certifications.
Additional information (if any): Need to be flexible to provide coverage in US morning hours.
Weekly Hours:
40
Time Type:
Regular
Location:
Hyderabad, Andhra Pradesh, India
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.
Job ID R-37642-1 Date posted 09/13/2024