Sr CIRT Engineer (Cyber Incident Response Team)
Company: T-Mobile
Location: Bellevue
Posted on: June 25, 2022
Job Description:
Be unstoppable with us! T-Mobile is synonymous with
innovation, and you could be part of the team that disrupted an
entire industry! We reinvented customer service, brought real 5G to
the nation, and now we're shaping the future of technology in
wireless and beyond. Our work is as exciting as it is rewarding, so
consider the career opportunity below as your invitation to grow
with us, make big things happen with us, above all, #BEYOU with us.
Together, we won't stop!
Are you ready to make a difference in the
world of Wireless Cybersecurity? Then come join our team as the
next Sr CIRT Engineer!
The Sr CIRT Engineer, Cybersecurity role
working in the Digital Security Organization will be responsible
for monitoring, assessing, and responding to information security
events in a large diverse enterprise environment. The best
candidate for the role should have a strong comprehension of
incident response, work well with other people and have strong
verbal and written communication skills. This position correlates
security related data across the enterprise, performs Security
Incident Response Handling & Incident containment/recovery and also
assists application owners to understand and implement the security
aspects of their applications. Additionally, the candidate must
have some knowledge of system security design and network security
best practices. Analytical and organizational skills, and the
ability to effectively communicate and work independently and as
part of a team are required.
- This role will include all activities relevant to the Incident
Response Lifecycle.
- Investigate incidents for Cyber Incident Response Team (CIRT)
- Develop content to improve detective capabilities in Security
Information and Event Management (SIEM) tool
- Analyze disparate data sources for security incidents
- Respond to network security incidents promptly to mitigate
damage or restore service
- A champion for process, recommending tool, software
development, or infrastructure changes to improve or enhance
security
- Lead small to medium sized projects as directed
- Develop and deliver metrics as requested
- Participate in Cyber Incident Response Team (CIRT) rotation
that may involve non-traditional working hours
Desired Experience:
- 3+ years Digital Forensics/Incident Response/Cyber Security
experience preferred within at least 5 years' engineering
experience
- Must have several years of scripting experience as it relates
to investigations support
- Functional capability in a scripting language relevant to a
SIEM (SPL, KQL, EQL, SQL, etc.)
- Ability to work with large and sometimes nonstandard sets of
data during the course of live investigations
- Regex knowledge is a must
- Working experience with AWS and/or Microsoft Azure
- Familiarity with automating response and artifact collection
workloads
- Experience handling large scale production incidents
- High-level network troubleshooting ability
- Ability to plan, organize and prioritize tasks to complete
independently and within time frame established
- Knowledge and experience with current cyber threats and
landscape to Enterprise environments.
- In-depth knowledge of security best practices in large-scale
environments
- In-depth knowledge of security technologies such as, but not
limited to:
  - Intrusion Detection systems (Checkpoint, McAfee, ISS, Snort,
  etc.)
  - Security Information and Event Management (SIEM)
  - Network Windows/Linux forensics techniques
  - Vulnerability scanning tools (WebInspect, Nessus, etc.)
- In-depth knowledge of networking and OS technologies such as,
but not limited to:
  - Diagnostic tools such as packet capture/decode and WAN
  probes
  - Operating Systems: Windows & UNIX - Solaris, HP/UX, or Linux
  operating systems administration
  - Networking components including routers, hubs, switches,
  etc.
  - TCP/IP protocols
  - OSI Seven Layer Model
- Knowledge of state and Federal regulatory requirements PCI,
PII, CPNI requirements
- Strong verbal and written communication skills
- At least one current form of the following certifications is
desired: GCIH, GCIA, GCFA or GREM
Minimum Required:
- Bachelor's Degree in Computer Science or related degree, or
equivalent experience
- High School Diploma or GED
- Cyber Incident Handling experience
- Scripting experience
- At least 18 years of age
- Legally authorized to work in the United States
- T-Mobile requires all employees in this position to be fully
vaccinated for COVID-19 prior to starting work. The CDC defines
"fully vaccinated" as two weeks after the second dose for Pfizer
and Moderna, and two weeks after the single dose of Johnson &
Johnson. T-Mobile will require proof of vaccination and consider
requests for exemption from this requirement during the offer phase
as a reasonable accommodation for medical reasons or sincerely held
religious beliefs where the accommodation would not cause T-Mobile
undue hardship or pose a direct threat to the health and safety of
others.
Never stop growing! T-Mobile doesn't have a corporate
ladder, it's more like a jungle gym of possibilities! We love
helping our employees grow in their careers, because it's that
shared drive to aim high that drives our business and our culture
forward.
If you'd like to receive more information about careers at
T-Mobile, sign up for the T-Mobile Talent Community today!
https://www.tmobile.careers/profile/join/
T-Mobile USA, Inc. is an
Equal Opportunity Employer. All decisions concerning the employment
relationship will be made without regard to age, race, ethnicity,
color, religion, creed, sex, sexual orientation, gender identity or
expression, national origin, religious affiliation, marital status,
citizenship status, veteran status, the presence of any physical or
mental disability, or any other status or characteristic protected
by federal, state, or local law. Discrimination, retaliation or
harassment based upon any of these factors is wholly inconsistent
with how we do business and will not be tolerated.
Talent comes in
all forms at the Un-carrier. If you are an individual with a
disability and need reasonable accommodation at any point in the
application or interview process, please let us know by emailing
ApplicantAccommodation@t-mobile.com or calling 1-844-873-9500.
Please note, this contact channel is not a means to apply for or
inquire about a position and we are unable to respond to
non-accommodation related requests.
Keywords: T-Mobile, Bellevue , Sr CIRT Engineer (Cyber Incident Response Team), IT / Software / Systems , Bellevue, Washington