Full Job Description
Sr. Engineers, Cybersecurity is located in Overland Park, KS will lead security, compliance, and risk assessments on projects throughout project lifecycle.
• Telecommuting is permitted, but applicant must work from the worksite location at least 3-4 days per week. No additional national or international travel is anticipated.
Position duties and responsibilities include, but are not limited to:
• Improve process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies.
• Lead the identification of security needs & recommends plans/resolutions. Implements, tests & monitors info security improvements.
• Maintain visibility inside & outside of information security at the People management level.
• Interfaces with groups such as application support, engineering ops, finance, privacy, risk management, etc.
• Lead information security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication & maintenance.
• Execute security projects driven by groups both internal and external to info security.
• Mentor peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction.
• Act as Subject Matter Expert in multiple facets of network & information security, including Firewall policy design, SSL Certificate management, vulnerability analysis & mitigation, and other topics as assigned.
• Lead the design and integration of IP/Security solutions within wireless network architectures, ensuring alignment with advanced cybersecurity standards and best practices.
• Analyze core technologies to identify threats and risks, and create detailed threat models outlining trust boundaries, threat agents, attack vectors, and safeguards to protect individuals, assets, data, and the T-Mobile brand.
Minimum requirements:
Experience and education requirements:
PRIMARY REQUIREMENTS: Master's degree in Computer Science, Information Technology, or related field, and 3 years of relevant work experience.
ALTERNATIVE REQUIREMENTS: Bachelor's degree in Computer Science, Information Technology, or related field, and 5 years of relevant work experience.
Skills requirements: Requires experience in each of the following:
1. Managing and configuring Web Application Firewall (WAF) using Akamai and Imperva WAF to secure business-critical web applications against Open Web Application Security Project (OWASP) Top 10 vulnerabilities, Distributed Denial of Service (DDoS) attacks, volumetric attacks and other cyber threats;
2. Monitoring realtime traffic patterns to identify anomalies and Advanced Persistent Threat (APT) with Akamai Web Security Analytics and iteratively fine-tuning WAF security configurations to minimize false positives while enhancing both performance and security;
3. Performing security assessment using Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Interactive Application Security Testing (IAST), Runtime Application Self-Protection (RASP) and Software Composition Analysis (SCA) through Burp Suite, ZAP, Postman, SonarQube, Contrast Security and OWASP Dependency-Check;
4. Conducting mobile application security assessments by performing threat modeling using OWASP Mobile Application Security Verification Standard (MASVS) to uncover security flaws utilizing Mobile Security Framework (MobSF), NowSecure Platform, Frida, Android Studio and JADX;
5. Managing cybersecurity platforms HackerOne and Bugcrowd, including setting up the program policies and scope, handling bug triage, validation, severity assessment via the Common Vulnerability Scoring System (CVSS) and overseeing bounty payments;
6. Developing automation scripts on demand to streamline security processes related to WAF management and vulnerability detection using Bash, Go, Python, PHP, HTML and Postman;
7. Implementing threat modeling techniques, including STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC, Mobile Application threat models, Cyber Threat Tree, or data flow diagrams to identify, assess and reduce security risks.
Additional:
• Location: Overland Park, KS
• Telecommuting is permitted, but applicant must work from the worksite location at least 3-4 days per week. No additional national or international travel is anticipated.
• This position is eligible for the employee referral program.
• At least 18 years of age
• Legally authorized to work in the United States
Travel:
Travel Required (Yes/No): No
DOT Regulated:
DOT Regulated Position (Yes/No): No
Safety Sensitive Position (Yes/No): No
How to apply:
• Visit https://www.t-mobile.com/careers
• Create a candidate profile, and apply to requisition number: REQ361677.
OTHER: Work hours: 40 hours/week. Salary: $129,217.62 - $152,300 per year.
• The pay range above is the general base pay range for a successful candidate in the state listed. The successful candidate's actual pay will be based on various factors, such as work location, qualifications, and experience.
• At T-Mobile, employees in regular, non-temporary roles are eligible for an annual bonus or periodic sales incentive or bonus, based on their role. Most Corporate employees are eligible for a year-end bonus based on company and/or individual performance and which is set at a percentage of the employee's eligible earnings in the prior year. Certain positions in Customer Care are eligible for monthly bonuses based on individual and/or team performance, while Retail and Business Sales roles are eligible for monthly or quarterly sales incentives. And since we are ALL owners, EVERY employee at T-Mobile is eligible for an Annual Stock Grant. For information about T-Mobile's amazing benefits, check out
https://careers.t-mobile.com/culture-and-benefits.
Candidate's pay will be based on various factors, such as work location, qualifications, and experience. At T-Mobile, employees in regular, non-temporary roles are eligible for an annual bonus or periodic sales incentive or bonus, based on their role. Most Corporate employees are eligible for a year-end bonus based on company and/or individual performance and which is set at a percentage of the employee's eligible earnings in the prior year. Certain positions in Customer Care are eligible for monthly bonuses based on individual and/or team performance.
At T-Mobile, our benefits exemplify the spirit of One Team, Together! A big part of how we care for one another is working to ensure our benefits evolve to meet the needs of our team members. Full and part-time employees have access to the same benefits when eligible. We cover all of the bases, offering medical, dental and vision insurance, a flexible spending account, 401(k), employee stock grants, employee stock purchase plan, paid time off and up to 12 paid holidays - which total about 4 weeks for new full-time employees and about 2.5 weeks for new part-time employees annually - paid parental and family leave, family building benefits, back-up care, enhanced family support, childcare subsidy, tuition assistance, college coaching, short- and long-term disability, voluntary AD&D coverage, voluntary accident coverage, voluntary life insurance, voluntary disability insurance, and voluntary long-term care insurance. We don't stop there - eligible employees can also receive mobile service & home internet discounts, pet insurance, and access to commuter and transit programs! To learn about T-Mobile's amazing benefits, check out www.t-mobilebenefits.com.