Sr CIRT Engineer (Cyber Incident Response Team)

Company: T-Mobile
Location: Bellevue
Posted on: June 25, 2022

Job Description:

Be unstoppable with us!T-Mobile is synonymous with innovation-and you could be part of the team that disrupted an entire industry! We reinvented customer service, brought real 5G to the nation, and now we're shaping the future of technology in wireless and beyond. Our work is as exciting as it is rewarding, so consider the career opportunity below as your invitation to grow with us, make big things happen with us, above all, #BEYOU with us. Together, we won't stop!Are you ready to make a difference in the world of Wireless Cybersecurity? Then come join our team as the next Sr CIRT Engineer!The Sr CIRT Engineer, Cybersecurity role working in the Digital Security Organization will be responsible for monitoring, assessing, and responding to information security events in a large diverse enterprise environment. The best candidate for the role should have a strong comprehension of incident response, work well with other people and have strong verbal and written communication skills. This position correlates security related data across the enterprise, performs Security Incident Response Handling & Incident containment/recovery and also assists application owners to understand and implement the security aspects of their applications. Additionally, the candidate must have some knowledge of system security design and network security best practices. Analytical and organizational skills, and the ability to effectively communicate and work independently and as part of a team are required.

This role will include all activities relevant to the Incident Response Lifecycle.Investigate incidents for Cyber Incident Response Team (CIRT)
Develop content to improve detective capabilities in Security Information and Event Management (SIEM) tool
Analyze disparate data sources for security incidents
Respond to network security incidents promptly to mitigate damage or restore service
A champion for process, recommending tool, software development, or infrastructure
changes to improve or enhance security
Lead small to medium sized projects as directed
Develop and deliver metrics as requested
Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hoursDesired Experience:
- 3+ years Digital Forensics/Incident Response/Cyber Security experience preferred within at least 5 years' engineering experience
- Must have several years of scripting experience as it relates to investigations support
- Functional capability in a scripting language relevant to a SIEM (SPL, KQL, EQL, SQL, etc.)
- Ability to work with large and sometimes nonstandard sets of data during the course of live investigations
- Regex knowledge is a must
- Working experience with AWS and/or Microsoft Azure
- Familiarity with automating response and artifact collection workloads
- Experience handling large scale production incidents
- High-level network troubleshooting ability
- Ability to plan, organize and prioritize tasks to complete independently and within time frame established
- Knowledge and experience with current cyber threats and landscape to Enterprise environments.
- In-depth knowledge of security best practices in large-scale environments
- In-depth knowledge of security technologies such as, but not limited to:
- Intrusion Detection systems (Checkpoint, McAfee, ISS, Snort, etc.)
- Security Information and Event Management (SIEM)
- Network Windows/Linux forensics techniques
- Vulnerability scanning tools (WebInspect, Nessus, etc.)
- In-depth knowledge of networking and OS technologies such as, but not limited to:
- Diagnostic tools such as packet capture/decode and WAN probes
- Operating Systems: Windows & UNIX - Solaris, HP/UX, or Linux operating systems administration
- Networking components including routers, hubs, switches, etc.
- TCP/IP protocols
- OSI Seven Layer Model
- Knowledge of state and Federal regulatory requirements PCI, PII, CPNI requirements
- Strong verbal and written communication skills
- At least one current form of following certifications is desired - GCIH, GCIA, GCFA or GREM desiredMinimum Required:
  - Bachelor's Degree in Computer Science or related degree, or equivalent experience
  - High School Diploma or GED
  - Cyber Incident Handling experience
  - Scripting experience
  - At least 18 years of age
  - Legally authorized to work in the United States
  - T-Mobile requires all employees in this position to be fully vaccinated for COVID-19 prior to starting work. The CDC defines "fully vaccinated" as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. T-Mobile will require proof of vaccination and consider requests for exemption from this requirement during the offer phase as a reasonable accommodation for medical reasons or sincerely held religious beliefs where the accommodation would not cause T-Mobile undue hardship or pose a direct threat to the health and safety of othersNever stop growing!T-Mobile doesn't have a corporate ladder-it's more like a jungle gym of possibilities! We love helping our employees grow in their careers, because it's that shared drive to aim high that drives our business and our culture forward.If you'd like to receive more information about careers at T-Mobile, sign up for the T-Mobile Talent Community today! https://www.tmobile.careers/profile/join/T-Mobile USA, Inc. is an Equal Opportunity Employer. All decisions concerning the employment relationship will be made without regard to age, race, ethnicity, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, religious affiliation, marital status, citizenship status, veteran status, the presence of any physical or mental disability, or any other status or characteristic protected by federal, state, or local law. Discrimination, retaliation or harassment based upon any of these factors is wholly inconsistent with how we do business and will not be tolerated.Talent comes in all forms at the Un-carrier. If you are an individual with a disability and need reasonable accommodation at any point in the application or interview process, please let us know by emailing ApplicantAccommodation@t-mobile.com or calling 1-844-873-9500. Please note, this contact channel is not a means to apply for or inquire about a position and we are unable to respond to non-accommodation related requests.

Keywords: T-Mobile, Bellevue , Sr CIRT Engineer (Cyber Incident Response Team), IT / Software / Systems , Bellevue, Washington

Click here to apply!

Didn't find what you're looking for? Search again!

Let Bellevue recruiters find you. Post your resume for free!

Get Bellevue IT / Software / Systems jobs via email.

View more Bellevue IT / Software / Systems jobs

Other IT / Software / Systems Jobs

Senior Software Engineer - Office for the Web
Description: Job Title: Senior Software Engineer - Office for the WebJob Type: Permanent, Full-Time/ ContractPrimary Location: Seattle, WARole Responsibilities: ul li Own and deliver complete features, including (more...)
Company: Vignetic
Location: Seattle
Posted on: 07/2/2022

Senior Python Developer
Description: Zonar's applications ensure the safety and effectiveness
Company: Zonar Systems
Location: Seattle
Posted on: 07/2/2022

Principal Software Engineer, Search
Description: Principal Software Engineer, Search - United States or Canada Remote Duration: Permanent Location: United States or Canada Remote or In-Office Start: ASAPDue to the current conditions of COVID-19, this (more...)
Company: Getty Images
Location: Seattle
Posted on: 07/2/2022

Salary in Bellevue, Washington Area | More details for Bellevue, Washington Jobs |Salary

QA lead technical operations
Description: QA lead technical operations Location: Seattle, WA Duration: 12 Months Job Description - This position is responsible for providing support for Product Quality Complaint PQC investigations, Change Control, (more...)
Company: American CyberSystems, Inc.
Location: Seattle
Posted on: 07/2/2022

FileMaker Developer, Advanced - Remote
Description: We're looking for an advanced FileMaker developer to join the SeedCode team and help us deploy and extend large custom apps for our clients. -The WorkSeedCode is a FileMaker Platinum Partner developing (more...)
Company: SeedCode, Inc
Location: Seattle
Posted on: 07/2/2022

Software Quality Test Technician
Description: Title: Software Quality Test TechnicianLocation: Bothell, WA onsite Duration: 7 monthsRate: 28 per hour on W2Description:We are looking for a Software Quality Test Technician, who:--- Will participate (more...)
Company: APN Software Services, Inc.
Location: Bothell
Posted on: 07/2/2022

Staff Software Engineer, Risk
Description: Employee Applicant Privacy NoticeWho We AreShape a brighter financial future with us.Together with our members, we're changing the way people think about and interact with personal finance.We're a next-generation (more...)
Company: SoFi
Location: Seattle
Posted on: 07/2/2022

Head Of Web Development
Description: Head of Web Development, Associate Director
Company: Cognition
Location: Seattle
Posted on: 07/2/2022

Developer III - EXP.O NOW, IS Customer Experience
Description: Job DescriptionCompany Description br br We're not in the shipping business we're in the information business. -Peter Rose, Expeditors FounderAt the heart of Expeditors you will find professionalism, (more...)
Company: Expeditors
Location: Seattle
Posted on: 07/2/2022

Information Technology-Technical Lead
Description: Job Description: Mastech Digital provides digital and mainstream technology staff as well as Digital Transformation Services for all American Corporations. We are currently seeking an Information Technology (more...)
Company: Mastech
Location: Mercer Island
Posted on: 07/2/2022

Loading more jobs...

Sr CIRT Engineer (Cyber Incident Response Team)

Didn't find what you're looking for? Search again!

Other IT / Software / Systems Jobs

Log In or Create An Account