Fevrok logo
Consultant Professional Services 2 ATC
2 years ago

Consultant Professional Services 2 ATC


The Governance, Risk and Compliance Security services of AT&T Consulting Solutions is looking for qualified persons to join its team of world-class security and information risk management professionals. This position will be focused on providing guidance around security and privacy regulatory and industry standard requirements to our portfolio of Fortune 500 clients, conducting security risk assessments, and working with the practice leadership to keep abreast of developments in the information security space from both a strategic and technical perspective.


Key job responsibilities will include:

Conduct information security assessments using industry accepted best practices and approaches to support enterprise business goals and objectives

Evaluate information security risk in context of business environment and industry requirements

Consult with clients on information security best practices and provide guidance on cost-effective strategies for implementation of security

Follow standard methodologies and develop new and innovative processes for delivering information security solutions

Focus on results and ability to work within tight timelines

Demonstrated ability to learn and apply critical thinking to a variety of situations

Design deliverable content to precisely reflect the engagement contract and client needs

Work with clients to help them understand where improvements could be made, and propose scenarios and solutions to address these areas of improvement

Build and nurture positive working relationships with clients with the intention to exceed client expectations


Required Qualifications

BA/BS in information technology, business administration, or related field preferred

3-5 years of experience in information risk management, security governance, program development, regulatory and controls experience

CISSP certification

CISM, CCSP, CIPP, CISA certification a plus

Solid understanding of the evolving security and privacy controls environment, regulatory landscape and risk management techniques, principles and practices

Experience performing risk and compliance assessments and in-depth knowledge of industry standards and regulatory requirements (e.g., HIPAA, HITRUST, HITECH, PCI DSS, FISMA, NIST, ISO 2700X, COBIT, FFIEC, NERC CIP, etc.)

Experience and firm understanding of the development and implementation of information security policies, standards and related procedures

Ability to provide risk-based recommendations based upon the size and complexity of the clients organization

Ability to educate clients of the risk implications associated with a particular business decision, and communicate the likelihood and impact of those decisions so clients can fully quantify those risks

Ability to translate complex technical information across all levels of the organization

Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors

Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction in a global, matrix-management environment

Strong business acumen and process-oriented thinking

Excellent presentation and issue resolution skills

Written communication skills for use in preparing formal documentation including deliverables, Statements of Work, proposals, white papers, and case studies

Verbal skills that include the ability to clearly articulate thoughts, be persuasive and to deliver presentation and training to all levels of management

Ability to interface with C-levels, as well as tactical implementers

Able to manage projects from inception to successful implementation

Strong investigative and analysis skills with the ability to handle confidential information

Ability to travel (~25% of time)

Keeps informed of advances in information security; self-motivator

Additional Qualifications

Consulting experience required

Privacy experience a plus

Understanding of cloud technologies and security is a plus

Understanding of available security tools and technologies

PCI DSS QSA a plus
AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws

We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status

©2025 Fevrok. All Rights Reserved.