Software Developer - For Cybersecurity Team

T-Mobile | Bellevue, WA

Applying to this job will open a new window on the employer's web site to apply there.

Posted Date 5/07/2020

Using your Software Development expertise, the Sr Software Developer will help ensure that our software is implemented to the highest security standards. You will work to minimize security weaknesses, bugs, exploits or violations of development standards within the T-Mobile organization. Contribute to the software development strategy for the organization. Auditing, analyzing, coordinating, and implementing security measures to enhance security posture within mobile device, IoT device, enterprise line of business applications, cloud, big data, and core and carrier network technologies as well as other business units as needed. Collaborate with Engineering and Operations Teams to address security vulnerabilities found via PSIRTs, scans or breaches. Also, drive and support network security best practices.

The engineer will also participate in architecture and design of various software components focused on creating applications that leverage technologies such as virtualization, micro services, SDN, NFV, and Big Data platforms and technologies. Works on technical assignments that are moderately difficult, requiring judgment in resolving issues or in making recommendations. Works on assignments requiring considerable judgment and initiative. Understands implications of work and makes recommendations for solutions. Normally receives little instruction on daily work, general instructions on newly introduced assignments.

What you'll do in your role.

  • Improves process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies
  • Protypes new solutions using programming techniques that will incorporate the most secure programming practices
  • Creates new software systems and tools using Agile methodologies in the full software development lifecycle (SDLC)
  • Project documentation, deployment and ongoing support of applications
  • Independently develop secure customer facing applications with understanding of the building blocks, interactions, dependencies, and tools required to complete software and automation work. Independent study of current technology is expected
  • Interact with system engineers to define system requirement and/or necessary requirements for automation
  • Understands system protocols, how systems operate and data flows. Aware of current technology benefits
  • Collaborates with technical teams and utilizes system expertise to deliver technical solutions
  • Continuously learns and teaches others existing and new technologies
  • Manages security, compliance and risk assessments for TMO organization
  • Manages the identification of security needs and recommends plans/resolutions. Implements, tests and monitors info security improvements
  • Maintains visibility inside and outside of information security at the people management level. Interfaces with groups such as application support, engineering ops, finance, privacy, risk management, etc.
  • Implements information security policy throughout SDLC, including intake, creation, review, approval, implementation, publishing, communication and maintenance
  • Executes security projects driven by groups both internal and external to info security
  • Contributes to the development of others through mentoring or in-house workshops and learning sessions
  • Mentors peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction
  • Also responsible for other duties/projects as assigned by business management as needed

The experience you'll bring.

Minimum Requirements:

  • 2+ years' work experience using coding languages such Java, Python, Golang, Angular, etc. OR a Master’s Degree in Information Technology or related field
  • A Bachelor's Degree in Information Technology or related field (although additional work experience may be substituted for this requirement)
  • Medium to advanced knowledge of Scripting tools such as Python, Perl, Shell, HTML, PHP or other Scripting Tools
  • In-depth knowledge of security best practices in large-scale environments
  • Knowledge of how software is deployed in Cloud and off-brand environments
  • Knowledge of federal and compliance regulations e.g. SOX, PCI, CCPA, GDPR and CPNI
  • Ability to plan, organize and prioritize tasks to complete independently
  • Ability to work under pressure and meet tight timelines
  • Strong presentation skills to large and small audiences
  • Strong problem solving / troubleshooting skills
  • Self-motivated and able to work under tight timelines
  • Always act with tact and integrity, and interface with a variety of individuals in a positive and productive manner
  • Strong verbal and communication skills with diverse cross functional groups and the ability to present effectively to small and large groups
  • The ability to travel occasionally, overnight

A plus to have:
  • Knowledge of current technological trends and developments in the area of info security
  • Understanding of underlying technologies that form the solution necessary for the application of threat identification, analysis, and thread model design. The threat model depicts trust boundary, threat agent(s), threat vector(s), and safeguard(s) necessary to protect person, asset, data, and T-Mobile brand
  • Knowledgeable in several facets of network and information security, including Firewall policy design, SSL Certificate management, vulnerability analysis and mitigation, and other topics as assigned
  • Knowledge of load balancers, firewalls, Venafi, MDM, Cloud, Malware Protection, Advanced Persistent Threats, Privileged Accounts, SIEM, Log and Event, Intrusion IDS/IPS, Cloud Platform, Scanning, AppSec (i.e. Veracode)
  • Understanding of advanced IP/Security solutions and technologies applicable to the Wireless Network Architecture
  • Strong understanding of T-Mobile’s network elements and how they work together (EIT, Engineering and 3rd Party)
  • CISSP and/or CCSK and/or CCSP and/or CISA/CISM certification

"Digital Security"

Share this job