BellevueWARecruiter Since 2001
the smart solution for Bellevue jobs

Sr CIRT Engineer (Cyber Incident Response Team)

Company: T-Mobile
Location: Bellevue
Posted on: June 25, 2022

Job Description:

Be unstoppable with us!

T-Mobile is synonymous with innovation, and you could be part of the team that disrupted an entire industry! We reinvented customer service, brought real 5G to the nation, and now we're shaping the future of technology in wireless and beyond. Our work is as exciting as it is rewarding, so consider the career opportunity below as your invitation to grow with us, make big things happen with us, above all, #BEYOU with us. Together, we won't stop!

Are you ready to make a difference in the world of Wireless Cybersecurity? Then come join our team as the next Sr CIRT Engineer!

The Sr CIRT Engineer, Cybersecurity role working in the Digital Security Organization will be responsible for monitoring, assessing, and responding to information security events in a large diverse enterprise environment. The best candidate for the role should have a strong comprehension of incident response, work well with other people and have strong verbal and written communication skills. This position correlates security related data across the enterprise, performs Security Incident Response Handling & Incident containment/recovery and also assists application owners to understand and implement the security aspects of their applications. Additionally, the candidate must have some knowledge of system security design and network security best practices. Analytical and organizational skills, and the ability to effectively communicate and work independently and as part of a team are required.

This role will include all activities relevant to the Incident Response Lifecycle.

  • Investigate incidents for Cyber Incident Response Team (CIRT)
  • Develop content to improve detective capabilities in Security Information and Event Management (SIEM) tool
  • Analyze disparate data sources for security incidents
  • Respond to network security incidents promptly to mitigate damage or restore service
  • A champion for process, recommending tool, software development, or infrastructure changes to improve or enhance security
  • Lead small to medium sized projects as directed
  • Develop and deliver metrics as requested
  • Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hours

Desired Experience:

  • 3+ years Digital Forensics/Incident Response/Cyber Security experience preferred within at least 5 years' engineering experience
  • Must have several years of scripting experience as it relates to investigations support
  • Functional capability in a scripting language relevant to a SIEM (SPL, KQL, EQL, SQL, etc.)
  • Ability to work with large and sometimes nonstandard sets of data during the course of live investigations
  • Regex knowledge is a must
  • Working experience with AWS and/or Microsoft Azure
  • Familiarity with automating response and artifact collection workloads
  • Experience handling large scale production incidents
  • High-level network troubleshooting ability
  • Ability to plan, organize and prioritize tasks to complete independently and within the time frame established
  • Knowledge of and experience with current cyber threats and the threat landscape for enterprise environments
  • In-depth knowledge of security best practices in large-scale environments
  • In-depth knowledge of security technologies such as, but not limited to:
    • Intrusion Detection systems (Checkpoint, McAfee, ISS, Snort, etc.)
    • Security Information and Event Management (SIEM)
    • Network Windows/Linux forensics techniques
    • Vulnerability scanning tools (WebInspect, Nessus, etc.)
  • In-depth knowledge of networking and OS technologies such as, but not limited to:
    • Diagnostic tools such as packet capture/decode and WAN probes
    • Operating Systems: Windows & UNIX - Solaris, HP/UX, or Linux operating systems administration
    • Networking components including routers, hubs, switches, etc.
    • TCP/IP protocols
    • OSI Seven Layer Model
  • Knowledge of state and federal regulatory requirements (PCI, PII, CPNI)
  • Strong verbal and written communication skills
  • At least one current form of the following certifications is desired: GCIH, GCIA, GCFA or GREM

Minimum Required:

  • Bachelor's Degree in Computer Science or related degree, or equivalent experience
  • High School Diploma or GED
  • Cyber Incident Handling experience
  • Scripting experience
  • At least 18 years of age
  • Legally authorized to work in the United States
  • T-Mobile requires all employees in this position to be fully vaccinated for COVID-19 prior to starting work. The CDC defines "fully vaccinated" as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. T-Mobile will require proof of vaccination and consider requests for exemption from this requirement during the offer phase as a reasonable accommodation for medical reasons or sincerely held religious beliefs where the accommodation would not cause T-Mobile undue hardship or pose a direct threat to the health and safety of others.

Never stop growing!

T-Mobile doesn't have a corporate ladder; it's more like a jungle gym of possibilities! We love helping our employees grow in their careers, because it's that shared drive to aim high that drives our business and our culture forward.

If you'd like to receive more information about careers at T-Mobile, sign up for the T-Mobile Talent Community today!

USA, Inc. is an Equal Opportunity Employer. All decisions concerning the employment relationship will be made without regard to age, race, ethnicity, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, religious affiliation, marital status, citizenship status, veteran status, the presence of any physical or mental disability, or any other status or characteristic protected by federal, state, or local law. Discrimination, retaliation or harassment based upon any of these factors is wholly inconsistent with how we do business and will not be tolerated.

Talent comes in all forms at the Un-carrier. If you are an individual with a disability and need reasonable accommodation at any point in the application or interview process, please let us know by emailing or calling 1-844-873-9500. Please note, this contact channel is not a means to apply for or inquire about a position and we are unable to respond to non-accommodation related requests.

Keywords: T-Mobile, Bellevue, Sr CIRT Engineer (Cyber Incident Response Team), IT / Software / Systems, Bellevue, Washington
