Sr CIRT Engineer, Cybersecurity - Telco

Are you ready to make a difference in Telco Cybersecurity? Then join T-Mobile as our new Sr CIRT Engineer, Cybersecurity - Telco role!

The Sr CIRT Engineer, Cybersecurity role working in the Digital Security Organization will be responsible for monitoring, assessing, and responding to information security events in a large diverse enterprise environment. The best candidate for the role should have a strong comprehension of incident response, work well with other people and have strong verbal and written communication skills. This position correlates security related data across the enterprise, performs Security Incident Response Handling and Incident containment/recovery and also assists application owners to understand and implement the security aspects of their applications. Additionally, the candidate must have some knowledge of system security design and network security best practices. Analytical and organizational skills, and the ability to effectively communicate and work independently and as part of a team are required.

What you'll do in your role.

• Investigate incidents for Cyber Incident Response Team (CIRT)
• Develop content to improve detective capabilities in Security Information and Event Management (SIEM) tool
• Analyze disparate data sources for security incidents
• Respond to network security incidents promptly to mitigate damage or restore service
• A champion for process, recommending tool, software development, or infrastructure
• changes to improve or enhance security
• Lead small to medium sized projects as directed
• Develop and deliver metrics as requested
• Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hours

The experience you'll bring.

Minimum Required

• Cyber Incident Handling experience
• High-level network troubleshooting ability
• Ability to plan, organize and prioritize tasks to complete independently and within time frame established
• Knowledge and experience with current cyber threats and landscape to Enterprise environments.
• In-depth knowledge of security best practices in large-scale environments
• In-depth knowledge of security technologies such as, but not limited to:
  • telecommunication and mobile network technologies, specifically VoIP, SIP, IOS, Android, mobile device hardware, and 4G/5G security.
  • Intrusion Detection systems (I.E. Checkpoint, McAfee, ISS, Snort, etc.)
  • Security Information and Event Management (SIEM)
  • Network Windows/Linux forensics techniques
  • Vulnerability scanning tools (WebInspect, Nessus, etc.)
• In-depth knowledge of networking and OS technologies such as, but not limited to:
  • Diagnostic tools such as packet capture/decode and WAN probes
  • Operating Systems: Windows and UNIX - Solaris, HP/UX, or Linux operating systems administration
  • Networking components including routers, hubs, switches, etc.
  • TCP/IP protocols
• OSI Seven Layer Model
• Knowledge of state and Federal regulatory requirements PCI, PII, CPNI requirements
• Strong verbal and written communication skills

• Bachelor's degree or equivalent experience
• Having at least one current form of following certifications is preferred: GCIH, GCIA, GCFA or GREM