Database Vulnerability Scanning Engineer
AT&T, Charlotte, NC, United States
This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.
Join AT'T and help shape the future of communications and technology that connect the world. We value innovators who seek to explore the unknown and challenge the status quo. Bring your bold ideas and fearless spirit to redefine connectivity and transform how people share stories and experiences. At AT'T, you won't just imagine the future—you'll build it.
We are seeking a seasoned cybersecurity professional to join our team as a Vulnerability Scanning Engineer with a focus on database vulnerability scanning. This role is responsible for operating and advancing our database vulnerability management capabilities—ensuring database platforms are accurately discovered, authenticated, scanned, and reported—while partnering with database and application teams to drive remediation and risk reduction.
Responsibilities
Administer and maintain vulnerability scanning platforms and processes focused on database technologies.
Perform authenticated database vulnerability scans, validate results, and tune policies to reduce false positives
egatives.
Support scanning coverage across multiple database solutions including Oracle, MySQL, MariaDB, and DB2.
Coordinate with DBAs, infrastructure, and application teams to configure secure credentials, network paths, and least-privilege access required for scanning.
Work with stakeholders to identify and document technical constraints that may affect scan coverage or accuracy.
Develop and maintain SQL queries and scripts to support validation, triage, reporting, and data quality checks.
Analyze findings related to patching, configuration, and permissions; translate technical issues into actionable remediation guidance.
Maintain dashboards and metrics for scan coverage, data completeness, risk trends, and remediation progress.
Integrate vulnerability findings with ServiceNow for vulnerability response workflows and CMDB alignment.
Automate operational tasks using scripting (e.g., Python, Bash) to improve scan orchestration and reporting.
Required Skills
Hands‑on experience performing and supporting database vulnerability scanning (authenticated scanning, policy tuning, and results validation).
Experience with multiple database solutions such as Oracle, MySQL, MariaDB, and DB2.
SQL development skills (writing queries for validation, triage, reporting, and automation support).
Knowledge of various database attack vectors and practices (e.g., privilege escalation, injection patterns, weak authentication, insecure configuration, excessive permissions).
Understanding of database security fundamentals: authentication models, roles/privileges, encryption options, auditing/logging, and configuration baselines.
Experience with system administration (Linux and Windows) to support scanners, agents, and connectors.
Proficiency in scripting/programming (Python, Bash, Perl) for automation and operational support.
Minimum of 5-7 years of experience in cybersecurity or vulnerability management, with demonstrated experience supporting database technologies.
Desired Skills
Experience with vulnerability management tooling and workflows (asset onboarding, credential management, scan scheduling, exception handling, and reporting).
Strong knowledge of database security compliance and hardening standards (e.g., CIS Benchmarks, DISA STIGs) and the ability to map scanner findings to control requirements and remediation evidence.
Experience supporting audit and regulatory compliance efforts by producing vulnerability metrics, remediation evidence, and documentation aligned to internal policy and applicable standards (e.g., SOX, PCI DSS, HIPAA, GDPR).
Expertise with additional database platforms such as Microsoft SQL Server, Cassandra, MongoDB, and/or Sybase.
Knowledge of web site APIs.
Understanding of ServiceNow integrations and vulnerability response.
Experience with AI technologies (LLM, RAG).
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Relevant certifications (e.g., CISSP, CEH, CompTIA Security+).
Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).
Benefits
Medical/Dental/Vision coverage
401(k) plan
Tuition reimbursement program
Paid Time Off and Holidays (at least 23 days of vacation each year and 9 company-designated holidays)
Paid Parental Leave
Paid Caregiver Leave
Additional sick leave beyond state and local law may be available but is unprotected
Adoption Reimbursement
Disability Benefits (short‑term and long‑term)
Life and Accidental Death Insurance
Supplemental benefit programs: critical illness, accident, hospital indemnity, group legal
Employee Assistance Programs (EAP)
Extensive employee wellness programs
Employee discounts up to 50% off on eligible AT'T mobility plans and accessories
AT'T internet (and fiber where available) and AT'T phone
Weekly Hours: 40
Time Type: Regular
Location: USA: NC: Charlotte / Ibm Dr - Adm: 8505 Ibm Dr
Salary Range: $141,300.00 - $211,900.00
It is the policy of AT'T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT'T will provide reasonable accommodations for qualified individuals with disabilities.
AT'T is a fair chance employer and does not initiate a background check until an offer is made.
#J-18808-Ljbffr
Join AT'T and help shape the future of communications and technology that connect the world. We value innovators who seek to explore the unknown and challenge the status quo. Bring your bold ideas and fearless spirit to redefine connectivity and transform how people share stories and experiences. At AT'T, you won't just imagine the future—you'll build it.
We are seeking a seasoned cybersecurity professional to join our team as a Vulnerability Scanning Engineer with a focus on database vulnerability scanning. This role is responsible for operating and advancing our database vulnerability management capabilities—ensuring database platforms are accurately discovered, authenticated, scanned, and reported—while partnering with database and application teams to drive remediation and risk reduction.
Responsibilities
Administer and maintain vulnerability scanning platforms and processes focused on database technologies.
Perform authenticated database vulnerability scans, validate results, and tune policies to reduce false positives
egatives.
Support scanning coverage across multiple database solutions including Oracle, MySQL, MariaDB, and DB2.
Coordinate with DBAs, infrastructure, and application teams to configure secure credentials, network paths, and least-privilege access required for scanning.
Work with stakeholders to identify and document technical constraints that may affect scan coverage or accuracy.
Develop and maintain SQL queries and scripts to support validation, triage, reporting, and data quality checks.
Analyze findings related to patching, configuration, and permissions; translate technical issues into actionable remediation guidance.
Maintain dashboards and metrics for scan coverage, data completeness, risk trends, and remediation progress.
Integrate vulnerability findings with ServiceNow for vulnerability response workflows and CMDB alignment.
Automate operational tasks using scripting (e.g., Python, Bash) to improve scan orchestration and reporting.
Required Skills
Hands‑on experience performing and supporting database vulnerability scanning (authenticated scanning, policy tuning, and results validation).
Experience with multiple database solutions such as Oracle, MySQL, MariaDB, and DB2.
SQL development skills (writing queries for validation, triage, reporting, and automation support).
Knowledge of various database attack vectors and practices (e.g., privilege escalation, injection patterns, weak authentication, insecure configuration, excessive permissions).
Understanding of database security fundamentals: authentication models, roles/privileges, encryption options, auditing/logging, and configuration baselines.
Experience with system administration (Linux and Windows) to support scanners, agents, and connectors.
Proficiency in scripting/programming (Python, Bash, Perl) for automation and operational support.
Minimum of 5-7 years of experience in cybersecurity or vulnerability management, with demonstrated experience supporting database technologies.
Desired Skills
Experience with vulnerability management tooling and workflows (asset onboarding, credential management, scan scheduling, exception handling, and reporting).
Strong knowledge of database security compliance and hardening standards (e.g., CIS Benchmarks, DISA STIGs) and the ability to map scanner findings to control requirements and remediation evidence.
Experience supporting audit and regulatory compliance efforts by producing vulnerability metrics, remediation evidence, and documentation aligned to internal policy and applicable standards (e.g., SOX, PCI DSS, HIPAA, GDPR).
Expertise with additional database platforms such as Microsoft SQL Server, Cassandra, MongoDB, and/or Sybase.
Knowledge of web site APIs.
Understanding of ServiceNow integrations and vulnerability response.
Experience with AI technologies (LLM, RAG).
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Relevant certifications (e.g., CISSP, CEH, CompTIA Security+).
Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).
Benefits
Medical/Dental/Vision coverage
401(k) plan
Tuition reimbursement program
Paid Time Off and Holidays (at least 23 days of vacation each year and 9 company-designated holidays)
Paid Parental Leave
Paid Caregiver Leave
Additional sick leave beyond state and local law may be available but is unprotected
Adoption Reimbursement
Disability Benefits (short‑term and long‑term)
Life and Accidental Death Insurance
Supplemental benefit programs: critical illness, accident, hospital indemnity, group legal
Employee Assistance Programs (EAP)
Extensive employee wellness programs
Employee discounts up to 50% off on eligible AT'T mobility plans and accessories
AT'T internet (and fiber where available) and AT'T phone
Weekly Hours: 40
Time Type: Regular
Location: USA: NC: Charlotte / Ibm Dr - Adm: 8505 Ibm Dr
Salary Range: $141,300.00 - $211,900.00
It is the policy of AT'T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT'T will provide reasonable accommodations for qualified individuals with disabilities.
AT'T is a fair chance employer and does not initiate a background check until an offer is made.
#J-18808-Ljbffr