This is a hybrid role that can be performed from Bellevue, WA, Frisco, TX, Overland Park, KS, Atlanta, GA, Reston, VA, or Miami, FL.
Are you ready to make a difference in the world of wireless security? Then come join the T-Mobile team as a Sr Engineer, Cybersecurity - Vulnerability Management Compliance Scanning!
The Team:
Our Vulnerability Management team is in the business of trust and reliability. We create and maintain the Scanning Infrastructure and Operations function within the Vulnerability Management organization, a team composed of full-time employee individual contributors, managed services, and external partners. The functions include operating and maintaining T-Mobile's vulnerability scanning infrastructure, as well as assisting vulnerability response and remediation tasks with partner and vendor teams. This position is an individual contributor role reporting to the Manager of Vulnerability Management.
This Position:
As a Sr. Security Engineer for Vulnerability Management, you will oversee vulnerability assessments to support compliance audits (PCI, FedRAMP, IL4). You will partner with a wide range of functional groups including Compliance, Legal, Security Architecture, Product Security and Engineering teams. You are a highly motivated individual with strong emotional intelligence and demonstrated experience in high-growth, fast-paced organizations. You are experienced with cloud platforms and able to automate tasks using Python, creating integrations between our security tooling. You have the ability to lead through conflict, take input from multiple stakeholders and deliver solutions required to address complex security issues.
What you'll do in your role.
Evaluate control effectiveness and provide input to establish plans of action for remediation of risk
Provide backup support for coordination of vulnerability remediation activities
Interface regularly with external customers for continuous monitoring program reviews
Lead Policy Compliance scans by gathering logistics across product environments and track remediation of findings
Automate compliance scanning and assessment functions
Integrate telemetry from various source systems (technical assessment tools, inventory and configuration management systems) to measure Vulnerability Management program effectiveness and control gaps
Break down problems to re-engineer processes. Provide direction to others to design solutions to automate capabilities
Maintain expert knowledge of Vulnerability Management products/services, industry/regulatory standards, Vulnerability Management requirements and assessments
Align with the Trust and Security initiatives that drive scale and operational excellence
Maintain strong relationships based on trust and transparency with primary stakeholders
Establish automated audit policies (CIS/STIG) based on defined baselines, including custom STIG policies
Negotiate appropriate trade-offs and ensure clear accountability, targets, timelines and deliverables for each major initiative
Automate workflow related to POA&M tracking and reporting for vulnerabilities. Centralize evidence collection to support audits
The experience you'll bring.
Desired:
5+ years of industry experience
Experience with automation and scripting using Python
Experience leading technical teams
Experience in establishing and managing Continuous Monitoring programs for FedRAMP, IL4
Experience in establishing and managing PCI compliance technical assessments (ASV, Pen Tests, Segmentation testing) and coordinating remediation efforts to demonstrate compliance
Experience mapping compliance requirements to technical controls
Experience with industry scan tools to provide assessment evidence related to control requirements (Nessus, Rapid7, Nmap)
Demonstrated knowledge of technical security controls and how they apply to on-premises, segmented, and cloud environments
Understanding of network and operational processes to drive scalable architecture and workflow solutions
Have performed risk assessments using a variety of tools and processes (Threat Intelligence, Exploit Analysis, Threat Modeling, Nessus Scanners, Container Security Tools, Cloud telemetry)
Experience with cloud solutions (i.e., AWS, Azure, GCP)
Experience in alignment of Vulnerability Management processes with cloud platforms
Preferred Qualifications:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity or related field, or equivalent work experience
CISM/CISSP
6+ years of Cybersecurity industry experience at enterprise scale
Comfortable with ambiguity and fast change with an ability to adapt as needed
Bachelor's degree in IT, Cybersecurity, etc. or equivalent work experience
At least 18 years of age
Legally authorized to work in the United States
High School Diploma or GED
T-Mobile requires all employees in this position to be fully vaccinated for COVID-19 prior to starting work, unless precluded from doing so by applicable law. The CDC currently defines "fully vaccinated" as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. T-Mobile will require proof of vaccination prior to the successful applicant's first day of work, and will consider requests for exemption from this requirement during the offer phase (1) as a reasonable accommodation for medical reasons or sincerely held religious beliefs where the accommodation would not cause T-Mobile undue hardship or pose a direct threat to the health and safety of others, or (2) for other reasons under applicable law.
Position details
Req ID: 193851BR
Department: Engineering
Travel Required: No