Job Description

Do you want to work on the latest Mobile Cybersecurity Technologies? Do you enjoy working with and applying Technology to improve Customer Experience and solve Business Problems? Do you want to lead an exceptional team of technologists that makes an impact on T-Mobile's business every day? Do you want to feel like you are directly contributing to the success of T-Mobile, and be part of the Un-Carrier movement? Then join our Cyber Incident Response Team as CIRT Manager.

We are looking for a smart, enthusiastic, and creative leader with a history of strategic and tactical execution. The CIRT Manager leads a Cybersecurity Incident Response Team within the Cybersecurity operations organization and reports to the Senior Manager of Cybersecurity Incident Response. In this role, you will oversee a 24x7 function and team comprised of individual contributors, managed services, and external partners. We operate in a very fast-paced agile environment with quick decisions. We encourage innovation and expect you to take ownership and initiative. This role provides a unique opportunity to drive Technology direction for T-Mobile USA. The Manager of Cybersecurity will facilitate security related interactions with business partners, OEMs, and service partners. Integration with the cybersecurity community internal to T-Mobile and external with partners such as government, industry, and security organizations is necessary. This person will demonstrate strong critical thinking skills, excellent communication skills, and effectively manage the time and effort of all individual contributors, projects, and associated initiatives. A strong understanding of security technologies, architecture, and best practices will be critical to the success of this role. The team maintains corporate data network security infrastructure and provides information security based on the enforcement of the T-Mobile security policies. The team also assists application owners to understand and implement the security aspects of their applications and advises on best security practices for new company projects and initiatives.
Responsibilities

• Serve as incident commander for high profile cyber incidents with legally sound forensic investigative method used in data breaches, litigation and law enforcement referrals
• Test and maintain incident response plans and processes to address existing and emerging threats; Organize and maintain documentation for executive and targeted functions for table-top exercises
• Handle Incident Response (IR) retainers and coordinate third party engagements; Establish meaningful measures & metrics for team performance and SLAs/OLAs
• Establishes and contributes to mutually beneficial shared goals with other teams. Adapts approach to accomplish team goals
• Leverages the capabilities, insights, and ideas of others
• Works to effectively resolve conflict between teams
• Manage technical relationships with assigned vendors, including driving features and function requests for inclusion in future product releases
• Demonstrates trust in others by eliminating unnecessary policies and checkpoints
• Mentor analysts, senior analysts, engineers, architects and cybersecurity individual contributors to promote successful performance and career growth in alignment with department and enterprise objectives
• Lead security projects driven by groups both internal and external to Digital Security
• Delivers meaningful feedback, and provides support for development activities of team members
• Challenges and inspires employees to achieve business results
• Encourages an environment where employees are valued and respected
• Help develop and implement the T-Mobile US (TMUS) Cyber Incident Response vision, strategy, and road map in partnership with appropriate teams across technology and business units
• Plan and execute appropriate protective measures to include policy, process, and overall cybersecurity awareness
• Monitors and measures work tasks to ensure deliverables and goals are completed on time
• Help develop and implement the T-Mobile US (TMUS) Cyber Incident Response vision, strategy, and road map in partnership with appropriate teams across technology and business units
• Plan and execute appropriate protective measures to include policy, process, and overall cybersecurity awareness
• Monitors and measures work tasks to ensure deliverables and goals are completed on time
• Demonstrated ability to provide cybersecurity consultation on designs and/or implementation of cybersecurity controls ensuring adherence to T-Mobile security standards and/or best practices
• Sets high standards for self / team and uses appropriate level urgency toward goal or project completion
• Strong organizational skills with ability to handle multiple high visibility issues simultaneously
• Ensures smooth flow of operations through planning, identification, and communication to assign responsibility to team members
• Seeks out new technologies and solutions to business problems
• Foster environment where team members identify problems, risks to continually review key business initiatives and find optimal resolutions

• Knowledge of telecommunication and mobile network technologies, specifically VoIP, SIP, IOS, Android, mobile device hardware, and 4G/5G security
• Knowledge of technologies, systems and networks as well as typical gaps that could impact the ability of an organization to effectively detect and respond to cyber attacks
• Experience with large scale and complex incidents of all types to include Advanced Persistent Threats, DDoS, insider, web and mobile applications, data ex-filtration etc.
• An ability to communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily-understood, authoritative, and actionable manner
• Knowledge of Mitre ATT&CK and the cyber kill chain frameworks
• A deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies in mobile devices and telecommunications infrastructure enterprise environments
• Knowledge of cybersecurity policies and regulatory controls threats, vulnerabilities, and overall risk profile of the enterprise (per team function).

• Bachelor's Degree in Computer Science, Engineering or related field
• 5+ years in cybersecurity operations including 3+ years on a cyber incident response team, within a large enterprise organization
• 3+ years leading Cyber Security Operations, including team manager role