Job Detail

Sr Engineer, Cybersecurity - Vuln Mgmt Compliance Scanning - T-Mobile
Bellevue, Washington
Posted: Apr 11, 2022 02:17

Job Description

This is a hybrid role that can be performed from Bellevue, WA, Frisco, TX, Overland Park, KS, Atlanta, GA, Reston, VA, or Miami, FL.

Are you ready to make a difference in the world of wireless security? Then come join the T-Mobile team as a Sr Engineer, Cybersecurity - Vulnerability Management Compliance Scanning!

The Team:

Our Vulnerability Management team is in the business of trust and reliability. We create and maintain the Scanning Infrastructure and Operations function within the Vulnerability Management organization, a team composed of full-time employee individual contributors, managed services, and external partners. The functions include operating and maintaining T-Mobile's vulnerability scanning infrastructure, as well as assisting with vulnerability response and remediation tasks alongside partner and vendor teams. This position is an individual contributor role reporting to the Manager of Vulnerability Management.

This Position:

As a Sr. Security Engineer for Vulnerability Management, you will oversee vulnerability assessments to support compliance audits (PCI, FedRAMP, IL4). You will partner with a wide range of functional groups including Compliance, Legal, Security Architecture, Product Security and Engineering teams. You are a highly motivated individual with strong emotional intelligence and demonstrated experience in high-growth, fast-paced organizations. You are experienced with cloud platforms and able to automate tasks using Python, creating integrations between our security tooling. You have the ability to lead through conflict, take input from multiple stakeholders and deliver solutions required to address complex security issues.

What you'll do in your role.

  • Evaluate control effectiveness and provide input to establish plans of action for remediation of risk

  • Provide backup support for coordination of vulnerability remediation activities

  • Interface regularly with external customers for continuous monitoring program reviews

  • Lead Policy Compliance scans by gathering logistics across product environments and track remediation of findings

  • Automate compliance scanning and assessment functions

  • Integrate telemetry from various source systems (technical assessment tools, inventory and configuration management systems) to measure Vulnerability Management program effectiveness and control gaps

  • Break down problems to re-engineer processes. Provide direction to others to design solutions to automate capabilities

  • Maintain expert knowledge of Vulnerability Management products/services, industry/regulatory standards, Vulnerability Management requirements and assessments

  • Align with the Trust and Security initiatives that drive scale and operational excellence

  • Maintain strong relationships based on trust and transparency with primary stakeholders

  • Establish automated audit policies (CIS/STIG) based on defined baselines, including custom STIG policies

  • Negotiate appropriate trade-offs and ensure clear accountability, targets, timelines and deliverables for each major initiative

  • Automate workflow related to POA&M tracking and reporting for vulnerabilities. Centralize evidence collection to support audits

The experience you'll bring.

Desired:

  • 5+ years of industry experience

  • Experience with automation and scripting using Python

  • Experience leading technical teams

  • Experience in establishing and managing Continuous Monitoring programs for FedRAMP, IL4

  • Experience in establishing and managing PCI compliance technical assessments (ASV, Pen Tests, Segmentation testing) and coordinating remediation efforts to demonstrate compliance

  • Experience mapping compliance requirements to technical controls

  • Experience with industry scan tools to provide assessment evidence related to control requirements (Nessus, Rapid7, Nmap)

  • Demonstrated knowledge of technical security controls and how they apply to on-premises, segmented, and cloud environments

  • Understanding of network and operational processes to drive scalable architecture and workflow solutions

  • Have performed risk assessments using a variety of tools and processes (Threat Intelligence, Exploit Analysis, Threat Modeling, Nessus Scanners, Container Security Tools, Cloud telemetry)

  • Experience with cloud solutions (i.e., AWS, Azure, GCP)

  • Experience in alignment of Vulnerability Management processes with cloud platforms

Preferred Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity or related field, or equivalent work experience

  • CISM/CISSP

  • 6+ years of Cybersecurity industry experience at enterprise scale

  • Comfortable with ambiguity and fast change with an ability to adapt as needed

  • Bachelor's degree in IT, Cybersecurity, etc. or equivalent work experience

  • At least 18 years of age

  • Legally authorized to work in the United States

  • High School Diploma or GED

  • T-Mobile requires all employees in this position to be fully vaccinated for COVID-19 prior to starting work, unless precluded from doing so by applicable law. The CDC currently defines "fully vaccinated" as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. T-Mobile will require proof of vaccination prior to the successful applicant's first day of work, and will consider requests for exemption from this requirement during the offer phase (1) as a reasonable accommodation for medical reasons or sincerely held religious beliefs where the accommodation would not cause T-Mobile undue hardship or pose a direct threat to the health and safety of others, or (2) for other reasons under applicable law.

Position details

Req ID: 193851BR

Department: Engineering

Travel Required: No


