Sr Cybersecurity Engineer – Threat Hunting
Company | T-Mobile |
---|---|
Location | Frisco, TX, USA; Bellevue, WA, USA; Overland Park, KS, USA |
Salary | $103400 – $186400 |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Mid Level, Senior |
Requirements
- In-depth knowledge of security technologies such as, but not limited to: telecommunication and mobile network technologies, specifically VoIP, SIP, iOS, Android, mobile device hardware, and 4G/5G security.
- In-depth knowledge of networking and OS technologies such as, but not limited to: diagnostic tools such as packet capture/decode and WAN probes; operating systems administration for Windows and UNIX (Solaris, HP/UX, or Linux); networking components including routers, hubs, switches, etc.; TCP/IP protocols; the OSI Seven Layer Model.
- Bachelor’s Degree in Computer Science or Information Technology, or equivalent work experience
- 4-7 years of experience with threat hunting, incident response, or other cybersecurity operations functions
- Strong verbal and written communication skills
- High-level network troubleshooting ability
- Ability to plan, organize and prioritize tasks to complete independently and within the established time frame
- Knowledge of and experience with current cyber threats and the threat landscape for enterprise environments.
- In-depth knowledge of security standard processes in large-scale environments
- Medium to advanced knowledge of programming tools (Python/Java/Perl/Shell/HTML/PHP)
- Knowledge of federal & compliance regulations, e.g. SOX, PCI & CPNI
- Familiarity with load balancers (e.g. A10, F5), firewalls (e.g. CheckPoint), Venafi, MDM (e.g. MobileIron), Cloud (e.g. AWS, Azure), Malware Protection (e.g. FireEye), Advanced Persistent Threats (e.g. Damballa), Privileged Accounts (e.g. CyberArk), SIEM (e.g. ArcSight), Log & Event (e.g. Splunk), Intrusion IDS/IPS (e.g. Symantec), Cloud Platform (e.g. PCF, Docker), Scanning (e.g. Qualys), AppSec (e.g. Veracode)
- In-depth knowledge of security best practices in large-scale environments
- Strong problem solving / troubleshooting skills
- Strong verbal and communication skills with diverse multi-functional groups & the ability to communicate effectively to small & large groups
- Demonstrable knowledge of current technological trends and developments in the area of info security
- Ability to plan, organize and prioritize tasks to complete independently.
Responsibilities
- Identify previously unknown cybersecurity incidents and threats through hypothesis-based hunting
- Assist with Incident Response as necessary
- Participate in an on-call rotation and be able to work nights and weekends as needed
- Develop content to improve detective capabilities in the Security Information and Event Management (SIEM) tool
- Analyze disparate data sources for security incidents
- Act as a champion for process, recommending tool, software development, or infrastructure changes to improve or enhance security
- Lead small to medium sized projects as directed
- Develop and deliver metrics as requested
- Participate in an on-call rotation that may involve non-traditional working hours
- Improve process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies.
Preferred Qualifications
- GCIH, GCFA, GCIA, CMON, GCDA
- Certified Information Systems Security Professional (CISSP) and/or CCSK and/or CCSP and/or CISA/CISM certification a plus