Sr Engineer, Cybersecurity | Security Operations

Job Description:

Sr Engineer, Cybersecurity | Security Operations

T-Mobile Enterprise IP & Security plays a key role in guarding customer trust and enterprise-wide security. We collaborate with multiple functional areas and impact every element of our business: corporate, networks, retail, IT and others.
We are looking for a result-oriented Cybersecurity Engineer who will help ensure that our software, systems and infrastructure are designed and implemented to the highest security standards. He/She will performs technical security assessments, code reviews, vulnerability testing to highlight risk and remediate associated findings while helping T-Mobile teams and partners improve security. The individual will work closely with other T-Mobile engineers to design and build proactive methods and solutions to enhance our security posture including mitigation of security risks, protection of data and intellectual property and compliance to standards / corporate security guidelines.

He / she is responsible for execution and lead audits, analyses, coordination, and implementation of security measures to enhance security posture within mobile devices, IoT devices, enterprise line of business applications, cloud, big data, core and carrier network as well as other business units as needed. He / she will provide thought leadership and collaborate with Engineering & Operations teams to address security vulnerabilities found via PSIRTs, scans or breaches. He / She will drive and support network security best practices and compliance to standards.

The main day-to-day focus of the team include certification lifecycle management, vulnerability assessment and remediation for network infrastructure (routing & switching + network security devices from Cisco, Check Point, A10 Networks, F5 Networks, Imperva WAF, Nokia, etc.), access control auditing and remediation, Pen Testing/Scanning results remediation, firewall rule remediation and lifecycle, various IT security system audits and remediation, and automation of common team workflows and duties.

Enterprise Core Competencies
Requires competency in customer focus, change & innovation, strategic thinking, relationship building & influencing, talent management, results focus and inspirational leadership.

Responsibilities:

Essential Functions

  • Leads security, compliance, and risk assessments on projects throughout project lifecycle
  • Executes security projects driven by groups both internal and external to information security.
  • Experience working with anti-malware controls, access control, vulnerability assessments, certificate management, firewall policies and compliance, pen tests and security events support.
  • Leads the identification of security needs, develop methods, guidelines & recommends plans/resolutions. Implements, tests & monitors info security improvements.
  • Maintains visibility inside & outside of information security at the people management level. Interfaces with groups such as application support, engineering ops, corporate functions, finance, privacy, risk management, etc.
  • Subject matter expert in multiple facets of network & information security, including Firewall policy design, SSL Certificate management, vulnerability analysis and remediation.
  • Leads information security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication & maintenance.
  • Improves process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies.
  • Mentors peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction.
  • Experience with implementation of various threat modeling approaches pertaining to one or more of the following STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC, Mobile Application threat model, Cyber Threat Tree, and data flow diagram.
  • Experience with the analysis of underlying technologies that form the solution necessary for the application of threat identification, analysis, and thread model design. The threat model depicts trust boundary, threat agent(s), threat vector(s), and safeguard(s) necessary to protect person, asset, data, and T-Mobile brand.
  • Advanced understanding of IP/Security solutions & technologies applicable to the Wireless Network Architecture.
  • Responsible for other duties/projects as assigned by business management / leadership.


Qualifications:

Qualifications
Required
  • 4-7 years experience in information security technology or related field
  • Experience with incident handling for Security breaches.
  • Experience with security technologies, Networking, and web services. Understanding of encryption, obfuscation, tokenization technologies.
  • Subject matter expert in many facets of network and information security, including Firewall policy design, SSL Certificate management, vulnerability analysis and risk mitigation.
  • Knowledge of information security policies, federal and compliance regulations e.g. PCI, CPNI & SOX
  • Familiarity with load balancers (ex A10, F5), firewalls (ex Check Point), Venafi, Privileged Accounts (ex CyberArk), SIEM (ex ArcSight), Log & Event (ex Splunk), Intrusion IDS/IPS (ex Symantec) , Scanning (ex Qualys)
  • In-depth knowledge of security best practices in large-scale environments
  • Strong problem solving / troubleshooting skills
  • Self-motivated, ability to plan, organize and prioritize tasks to complete independently and work under tight timelines in a collaborative, fast-paced, multi-tasking environment.
  • Strong verbal, and communication skills with diverse cross functional groups & the ability to present effectively to small & large groups
  • Demonstrable knowledge of current technological trends and developments in the area of security
  • Ability to plan, organize and prioritize tasks to complete independently
  • The ability to work after hours, as needed.


Desired
  • Masters Degree. Computer Science, Cybersecurity or Information Technology.
  • Medium to expert knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP)
  • Information security professional certification such as CISSP, SANS GIAC, IAM etc.
  • Solid understanding of networking concepts and tools including TCP/IP, UDP, VLAN, L2/L3 mapping (ARP, MAC addresses, IP addressing concepts), DNS concepts, and HTTP/HTTPS protocols
  • Solid understanding of network security concepts including SSL/TLS encryption (PKI Public Key Infrastructure, ciphers, firewall concepts, load balancing concepts, IDS/IPS concepts

Education
  • Bachelors Degree. Computer Science, Cybersecurity e or Information Technology.
  • In lieu of a degree, 10+ years related experience may be considered.

#LI-JL1

Company Profile:

As America's Un-carrier, T-Mobile USA, Inc. (NASDAQ: TMUS) is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The company's advanced nationwide 4G and 4G LTE network delivers outstanding wireless experiences for customers who are unwilling to compromise on quality and value. Based in Bellevue, Washington, T-Mobile USA. Inc. provides services through its subsidiaries and operates its flagship brands, T-Mobile and Metro by T-Mobile. For more information, please visit http://www.t-mobile.com

EOE Statement:

We Take Equal Opportunity Seriously - By Choice. T-Mobile USA, Inc. is an Equal Opportunity Employer. All decisions concerning the employment relationship will be made without regard to age, race, ethnicity, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, citizenship status, veteran status, the presence of any physical or mental disability, or any other status or characteristic protected by federal, state, or local law. Discrimination or harassment based upon any of these factors is wholly inconsistent with our Company values and will not be tolerated. Furthermore, such discrimination or harassment may violate federal, state, or local law.


Back to top