Senior Cybersecurity Engineer - AI

At T-Mobile, we invest in YOU! Our Total Rewards Package ensures that employees get the same big love we give our customers. All team members receive a competitive base salary and compensation package - this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That’s how we’re UNSTOPPABLE for our employees!

The Cybersecurity Engineer will help ensure that our software, systems and infrastructure are designed and implemented to the highest security standards. Performs technical security assessments, code reviews and vulnerability testing to highlight risk and remediate associated findings while helping T‑Mobile teams and partners improve security. Works closely with other T‑Mobile Engineers to design and build proactive methods to enhance our security posture, , with a focus on building these methods through automation and AI.Collaborate

with Engineering & Operations Teams to address security vulnerabilities found via PSIRTs, scans or breaches. Also, drive and support network security best practices.

Leads the technical implementation of the AI Security program and serves as the engineering point for secure‑by‑design AI adoption across the enterprise. Owns the AI intake/security review process, threat modeling, and translation of policy into enforceable controls for SaaS AI, GenAI/LLM, and internal AI services. Converts Proof‑of‑Value outcomes for AI and Data Security solutions into production controls; integrates telemetry with SIEM/SOAR and ITSM/CMDB for operations and auditability.

Partners with Data Protection, the Cybersecurity Syndicate, Legal/Privacy, Procurement/Vendor Risk, and platform/application teams. Mentors engineers, publishes standards/guardrails (logging, purpose‑binding, kill‑switch, secrets handling), and drives measurable outcomes (coverage, enforcement, MTTR, approval SLA, false‑positive rates).

• Lead AI use‑case intake & security reviews; document decisions, compensating controls, and audit evidence.
• Perform and guide threat modeling for AI/data/agent workflows; translate findings into technical requirements for gateways, guardrails, and NTK enforcement.
• Define, publish, and maintain AI security standards/guardrails (prompt/log retention, purpose‑binding, kill‑switch, secrets handling, retention/expiration).
• Engineer identity & access controls (SSO/MFA, SCIM, RBAC) that enforce Need‑to‑Know; coordinate with Data Protection on Data Security Posture Management and permission awareness
• Operationalize runtime protections: deploy/monitor AI and Data Security frameworks, AI discovery & policy enforcement; integrate Prompt Security and cloud and SaaS posture signals (e.g., Wiz).
• Leads security, compliance, and risk assessments on projects throughout project lifecycle.
• Improves process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies.
• Leads the identification of security needs & recommends plans/resolutions.
• Implements, tests & monitors info security improvements.
• Interfaces with groups such as application support, engineering ops, finance, privacy, risk management, etc.
• Leads information security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication & maintenance.
• Executes security projects driven by groups both internal and external to info security.
• Mentors, peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction
• Experience with implementation of various threat modeling approaches pertaining to one or more of the following STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC, Mobile Application threat model, Cyber Threat Tree, and data flow diagram.
• Experience with the analysis of underlying technologies that form the solution necessary for the application of threat identification, analysis, and thread model design.
• The threat model depicts trust boundary, threat agent(s), threat vector(s), and safeguard(s) necessary…