Principal Cybersecurity – Endpoint Security Platform Engineer (Tanium + Endpoint Security Platforms + AI-Driven Operations)

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

Overview:

We are seeking a highly skilledEndpoint Security Platform Engineerto join our Cybersecurity team. This is a hands-on, deeply technical role responsible for deploying, operating, and optimizing endpoint security technologies atlarge global enterprise scale (tens of thousands of endpoints).

Initial focus:Lead theenterprise Tanium deployment, configuration, tuning, and operationalization across a global fleet.

Long-term scope:After Tanium is stabilized, the role expands to broader ownership of endpoint security platforms includingEDR, Remote Access VPN, DLP, and proxy/web controls, with a strong emphasis onAI-assisted monitoring, analytics, triage, automation, risk scoring, trend analysis, and reportingto improve security outcomes and operational efficiency.

Key Roles & Responsibilities:

1) Tanium Engineering & Operations (Initial Primary Focus)

• Lead thedeployment, configuration, tuning, and ongoing operationsof Tanium across a large global endpoint fleet.
• Implement and optimize Tanium modules includingAsset, Comply, Deploy, Threat Response, and Reveal, ensuringhigh availability, performance, and data quality.
• Own endpoint agent rollout strategy, upgrades, health monitoring, and troubleshooting at scale.
• Build and maintaincustom content(e.g., sensors, packages, queries, dashboards) to support inventory, vulnerability identification, compliance, and incident response.
• Serve as theTanium SMEduringsecurity incidents, audits, and compliance initiatives.

2) Endpoint Security Platforms (Broader, Long-Term Scope)

• Deploy and manage endpoint security agents and controls for:
  • Remote Access VPN(e.g., Palo Alto GlobalProtect)
  • DLP(e.g., Microsoft Purview/Defender and Forcepoint)
  • EDR(e.g., SentinelOne and/or Palo Alto Cortex XDR)
  • Proxy / secure web access controls(endpoint agent and policy enforcement as applicable)
• ProvideTier-3 engineering supportfor endpoint security platforms, includingroot-cause analysis, performance tuning, policy/exclusion management, and vendor escalation.
• Participate in a weekly on-call support rotationfor endpoint security platforms (Tanium, EDR, VPN, DLP, and proxy/web controls), responding to urgent incidents/outages, driving triage to resolution, and coordinating with internal teams and vendors as needed.
• Standardize global deployment patterns and endpoint security baselines to ensure consistent control coverage and user experience.

3) Integrations, Automation, and AI-Driven Security Operations

• Build and maintainintegrations between Tanium and other enterprise security toolsto improveautomation, inventory, vulnerability identification, and threat response.
• ImplementAI-assisted monitoring and analyticsto improve signal-to-noise, accelerate detection/triage, and reduce manual effort, including:
  • AI-assistedalert enrichment and triage(correlation, deduplication, prioritization)
  • AI-drivenrisk scoringfor endpoints/users based on posture, vulnerabilities, and behavioral signals
  • Trend analysis(control coverage, agent health, patch/compliance drift, incident patterns)
  • Automatedreportingfor operational health, compliance, and executive-level metrics
• Develop and maintain automation (APIs, scripting, orchestration) to support:
  • Agent deployment/upgrade workflows
  • Compliance checks and remediation
  • Incident response actions (containment support, rapid scoping, targeted remediation)
  • Continuous control validation and drift detection

4) Documentation, Runbooks, and Operational Excellence

• Maintain detailedrunbooks, operational playbooks, and endpoint security baselinesfor global deployment consistency.
• Define and track KPIs (coverage, agent health, MTTR, compliance posture, vulnerability exposure) and produce recurring operational and risk reports.
• Partner with Security Operations, Infrastructure, and End-User Computing teams to align endpoint tooling with incident response, vulnerability management, and compliance workflows.
• Conduct root cause analysis for endpoint performance/telemetry issues and drive remediations through coordinated change management processes.

Required Qualifications:

• 5+ yearsin endpoint security or endpoint systems engineering withinlarge enterprise environments.
• Hands-on experience deploying and operating endpoint security agent technologies such asEDR, DLP, and VPN(proxy/web controls experience a plus).
• Strong Tanium capability (deployment and operations) and ability to function as an SME during incidents/audits/compliance efforts.
• Demonstrated experience buildingintegrationsacross security tools to improve automation and response.
• Experience usingAI-assisted workflowsin security operations (monitoring/analytics/triage/automation) and translating outputs into actionable engineering changes.
• Strong scripting/automation skills (e.g.,PowerShell, Python, APIs) and comfort operating at scale across global fleets.
• Strong expertise in endpoint operating systems (Windows, Linux, Android, and iOS), including OS internals, security hardening, configuration management, and troubleshooting at enterprise scale.
• Ability to work effectively withdistributed, cross-functional teamson security tool deployment and integration projects.
• Self-reliant, diligent follow-through on assigned tasks; able to operate well under pressure and urgent circumstances.
• Ability to produce clear technical documentation and operational reporting.

Preferred Qualifications:

• Tanium Certified Operator or Administrator.
• Deep experience with Tanium modules:Asset, Comply, Deploy, Threat Response, Reveal.
• Experience withPalo Alto GlobalProtect,Microsoft Purview/Defender + Forcepoint DLP, andSentinelOne / Cortex XDR.
• Experience implementing AI-driven capabilities such as:
  • Endpoint/posturerisk scoring models
  • Automatedtrend and anomaly detection
  • AI-assistedexecutive reportingand operational dashboards
• Experience designing endpoint security architecture and standardizing global deployment patterns.
• Security certifications such as CISSP, GIAC, or equivalent

What Success Looks Like

• Tanium is deployed and operating reliably at scale with strong coverage, performance, and actionable reporting.
• Endpoint security platforms (EDR/VPN/DLP/proxy) are operationally mature: consistent deployments, measurable health, and efficient Tier-3 support.
• Theweekly on-call rotationruns smoothly with clear runbooks, fast triage, and measurable improvements in stability and MTTR.
• AI-assisted monitoring, analytics, triage, and automation measurably improve speed and quality of response, reduce manual workload, and enhance risk visibility through scoring, trends, and reporting.

Education/Experience: Bachelor’s degree (BS/BA) desired in Computer Science or Cybersecurity. 7+ years of related experience. Certification is required in some areas.

Supervisor:

No

Our Principal Cybersecurity earns between $155,000-$233,200 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories,
• AT&T internet (and fiber where available) and AT&T phone.

#LI-Onsite – Full-time office role-

Ready to join our team? Apply today.

Weekly Hours:

Time Type:

Location:

Salary Range:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.AT&T is a fair chance employer and does not initiate a background check until an offer is made.