This job can be located anywhere within the United States.
Are you ready to help transform the world of Wireless Security? Then come join T-Mobile, the nation's UnCarrier as our next Sr CIRT Engineer (Enterprise)!
The Sr CIRT Engineer role, working in the Cyber Transformation Organization will be responsible for monitoring, assessing, and responding to information security events in a large diverse enterprise environment. The best candidate for the role should have a strong comprehension of incident response, work well with other people and have strong verbal and written communication skills. This position correlates security related data across the enterprise, performs Security Incident Response Handling & Incident Containment/Recovery and also assists application owners to understand and implement the security aspects of their applications. Additionally, the candidate must have some knowledge of system security design and network security best practices. Analytical and organizational skills, and the ability to effectively communicate and work independently and as part of a team are required.
What you'll do in your role.
Investigate incidents for Cyber Incident Response Team (CIRT)
Develop content to improve detective capabilities in Security Information and Event Management (SIEM) tool
Analyze disparate data sources for security incidents
Respond to network security incidents promptly to mitigate damage or restore service
A champion for process, recommending tool, software development, or infrastructure
changes to improve or enhance security
Lead small to medium sized projects as directed
Develop and deliver metrics as requested
Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hours
The experience you'll bring.
3+ years of Cyber Incident Handling experience (+ 2 years' Engineering) OR 5+ years of Cybersecurity experience
High-level network troubleshooting ability
Ability to plan, organize and prioritize tasks to complete independently and within time frame established
Intermediate level of scripting experience
Knowledge and experience with current cyber threats and landscape to Enterprise environments.
In-depth knowledge of security best practices in large-scale environments
In-depth knowledge of security technologies such as, but not limited to:
Intrusion Detection systems (I.E. Checkpoint, McAfee, ISS, Snort, etc.)
Security Information and Event Management (SIEM)
Network Windows/Linux forensics techniques
Vulnerability scanning tools (WebInspect, Nessus, etc.)
In-depth knowledge of networking and OS technologies such as, but not limited to:
Diagnostic tools such as packet capture/decode and WAN probes
Operating Systems: Windows & UNIX - Solaris, HP/UX, or Linux operating systems administration
Networking components including routers, hubs, switches, etc.
TCP/IP protocols
OSI Seven Layer Model
Knowledge of state and Federal regulatory requirements PCI, PII, CPNI requirements
Strong verbal and written communication skills
The starting pay range for a candidate selected for this position who is based in Colorado is generally within the range of $121,200 to $164,000 for annual base salary. The successful candidate's actual pay will be based on various factors, such as work location, qualifications, and experience, so the actual starting pay may be above or below this range. Employees are eligible for a year-end bonus based on company and/or individual performance and which is set at a percentage of an employee's eligible earnings in the prior year.
Employees are eligible for a year-end bonus based on company and/or individual performance and which is set at a percentage of an employee's eligible earnings in the prior year.
Bachelor's Degree in Computer Science, Cybersecurity or related area, or equivalent experience
Having at least one current form of following certifications is a plus: GCIH, GCIA, GCFA or GREM
At least 18 years of age
Legally authorized to work in the United States
High School Diploma or GED
T-Mobile requires all employees in this position to be fully vaccinated for COVID-19 prior to starting work, unless precluded from doing so by applicable law. The CDC currently defines -fully vaccinated- as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. T-Mobile will require proof of vaccination prior to successful applicant's first day of work, and will consider requests for exemption from this requirement during the offer phase (1) as a reasonable accommodation for medical reasons or sincerely held religious beliefs where the accommodation would not cause T-Mobile undue hardship or pose a direct threat to the health and safety of others, or (2) for other reasons under applicable law.
Position details
Req ID: 193418BR
Department: Engineering
Travel Required: No
