Be unstoppable with us! T-Mobile is synonymous with innovation-and you could be part of the team that disrupted an entire industry! We reinvented customer service, brought real 5G to the nation, and now we’re shaping the future of technology in wireless and beyond. Our work is as exciting as it is rewarding, so consider the career opportunity below as your invitation to grow with us, make big things happen with us, above all, #BEYOU with us. Together, we won’t stop! This job can be located anywhere within the United States. The Cybersecurity Engineer will help ensure that our software, systems and infrastructure are designed and implemented to the highest security standards. Performs technical security assessments, code reviews and vulnerability testing to highlight risk and remediate associated findings while helping T-Mobile teams and partners improve security. Works closely with other T-Mobile Engineers to design and build proactive methods to enhance our security posture. This position serves as a subject matter expert which drives vision and results to enhance the Bug Bounty security posture within mobile across our entire internet facing attack surface, which includes IoT devices, enterprise line of business applications, cloud, and core and carrier network technologies as well as and other business units as needed. Principal security advisor to multi-functional teams for the successful delivery of projects or services to enterprise customers. Responsibilities Leads forensic analysis of exploited vulnerabilities reported by ethical researchers through the Bug Bounty program. Validates the vulnerability is reproducible and demonstrates it to the Line of Business. Validates the exploit has been fixed and is ready to deploy to production. Closes out the vulnerability with the Bug Bounty vendor. Experience with penetration testing tools, such as BURP suite, scripting, etc. Improves process efficiency by crafting and implementing creative and sustainable changes to existing deployment methodologies Leads the identification of security needs and recommends plans/resolutions Implements, tests and monitors info security improvements Maintains visibility inside and outside of information security at the people management level Works with groups such as application support, engineering ops, finance, privacy, risk management, etc. Leads information security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication and maintenance Completes security projects driven by groups both internal and external to info security Mentors peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction Experience using the CVSS calculator to assess risk of the vulnerability reported and how it relates to the safeguard(s) vital to protect person, asset, data, and T-Mobile brand Subject matter expert in multiple facets of network and information security, including vulnerability analysis and mitigation, and other topics as assigned Also responsible for other duties/projects as assigned by business management as needed Highly Desired Able to work expanded hours as needed Qualifications Bachelors Degree: Computer Science Or Information Technology OR related work experience in lieu of degree 4 – 7 years’ experience in info security technology or related field Medium to advance knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP) Experience with incident handling for Security breaches Expert in several security subject areas 2 – 4 years Technical Project Management experience Experience with high level design architecture, security technologies, Networking, web services and SOA. Understanding of encryption, obfuscation, tokenization technologies Solid grasp of T-Mobile’s network elements and how they work together
scripting Burp Suite penetration-testing SOA encryption obfuscation web-services Cybersecurity Networking