Lead Cybersecurity - Application Security DevSecOps Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

AT&T · 2 months ago

Lead Cybersecurity - Application Security DevSecOps Engineer

positionBothell, Washington
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$128K/yr - $216K/yr
date4+ years exp

AT&T is a leading communications and technology company dedicated to safeguarding its assets through innovative cybersecurity measures. The Lead Cybersecurity - Application Security DevSecOps Engineer will focus on dynamic application security testing, leading the implementation of DAST tools and collaborating with development and security teams to enhance application security. This role requires a strong understanding of application vulnerabilities and the ability to guide teams in remediation efforts.

CollaborationCommunications InfrastructureMobileService IndustryTelecommunicationsWireless
check
H1B Sponsor Likelynote

Responsibilities

Lead the implementation, configuration, and optimization of DAST tools across development pipelines
Define and maintain best practices and standards for dynamic application security testing
Perform in-depth vulnerability assessments and security testing on web applications, APIs, and mobile apps
Collaborate closely with development, DevOps, and security teams to integrate DAST into CI/CD workflows
Analyze DAST scan results, validate findings, and prioritize remediation efforts based on risk
Stay current on emerging threats, vulnerabilities, and exploits relevant to application security
Provide expert guidance and training to teams on interpreting DAST reports and remediation strategies
Support compliance efforts by ensuring security testing meets regulatory and industry standards

Qualification

Dynamic Application Security TestingDAST tools integrationVulnerability assessmentsApplication security standardsProgramming languagesCertified Ethical HackerAnalytical skillsEffective communicationMentoringContinuous learner mindset

Required

Typically, 4-8 years of experience in application security, with significant hands-on experience using DAST tools and methodologies
Proven expertise in testing complex web applications, APIs, and mobile applications for security vulnerabilities
Experience integrating DAST tools (e.g., Burp Suite, IBM AppScan, HCL AppScan, Netsparker, Acunetix) into CI/CD pipelines and DevSecOps environments
Strong understanding of application security standards (e.g., OWASP Top Ten, SANS CWE Top 25)
Knowledge of complementary security testing approaches such as Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST)
Effective communication skills and experience collaborating with development teams to remediate vulnerabilities
Familiarity with programming languages and frameworks commonly used in web and mobile applications, including Java, Python, Bash/Shell Scripting, PHP, Javascript, etc
Deep technical knowledge of dynamic security testing tools and techniques
Strong analytical skills to interpret scan results and distinguish false positives
Solid understanding of web protocols, authentication mechanisms, and session management
Ability to lead security testing initiatives and mentor junior security engineers
Continuous learner mindset to stay ahead of evolving security threats and testing technologies

Preferred

Bachelor's degree in Computer Science, Information Security, Software Engineering, or a related discipline is preferred
Advanced degrees (Master's or certifications) can enhance expertise and credibility
Relevant certifications such as: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), GIAC Web Application Penetration Tester (GWAPT), Certified Application Security Engineer (CASE), Certifications specifically related to security testing tools (e.g., Burp Suite Certified Practitioner)

Benefits

Medical/Dental/Vision coverage
401(k) plan
Tuition reimbursement program
Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
Paid Parental Leave
Paid Caregiver Leave
Additional sick leave beyond what state and local law require may be available but is unprotected
Adoption Reimbursement
Disability Benefits (short term and long term)
Life and Accidental Death Insurance
Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
Employee Assistance Programs (EAP)
Extensive employee wellness programs
Employee discounts up to 50% off on eligible AT&T mobility plans and accessories,
AT&T internet (and fiber where available) and AT&T phone.

Company

AT&T

twittertwittertwitter
Glassdoor3.5
company-logo
AT&T is a telecommunications company that provides wireless communications, internet and digital television services.
dateFounded in 1983
location
Dallas, Texas, USA
people-size10001+ employees
web-link
https://www.att.com/

H1B Sponsorship

AT&T has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (575)
2024 (586)
2023 (282)
2022 (450)
2021 (271)
2020 (162)

Funding

Current Stage
Public Company
Total Funding
$5.04B
Key Investors
National Telecommunications and Information Administration
2025-09-19Post Ipo Debt· $5B
2024-02-12Grant· $42.3M
2023-01-19Grant· $2.2M

Leadership Team

leader-logo
Jeremy Legg
CTO
linkedin
leader-logo
Pascal Desroches
Senior Executive Vice President and Chief Financial Officer
linkedin

Recent News

The Motley Fool
3 of the Best Stocks Under $100 to Buy in 2026
2026-01-09
Bizjournals.com Feed (2025-11-12 15:43:17)
AT&T in Dallas, by the numbers
2026-01-09
SlashGear.com
AT&T Has Some Changes Coming In 2026 That Customers Need To Know About
2026-01-09
Company data provided by crunchbase