Senior Cybersecurity Engineer – AI Data

At T-Mobile, we invest in YOU! Our Total Rewards Package ensures that employees get the same big love we give our customers. All team members receive a competitive base salary and compensation package – this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That’s how we’re UNSTOPPABLE for our employees!

The Cybersecurity Engineer will help ensure that our software, systems and infrastructure are designed and implemented to the highest security standards. Performs technical security assessments, code reviews and vulnerability testing to highlight risk and remediate associated findings while helping T-Mobile teams and partners improve security. Works closely with other T-Mobile Engineers to design and build proactive methods to enhance our security posture, , with a focus on building these methods through automation and AI.

Collaborate with Engineering & Operations Teams to address security vulnerabilities found via PSIRTs, scans or breaches. Also, drive and support network security best practices. Implements and operates the data-layer controls that make AI adoption safe at enterprise scale. Owns Need-to-Know enforcement and access design for AI tools/workflows (SSO/MFA, SCIM, RBAC), drives classification/tagging and lineage, and turns data security policies into enforceable guardrails for AI datasets.

Builds automation and policy-as-code to keep approvals audit-ready and fast, integrates telemetry with SIEM/SOAR and ITSM/CMDB, and partners daily with Data Protection, the Cybersecurity Architects, Legal/Privacy, Procurement/Vendor Risk, and engineering teams. Supports PoV→purchase→implementation for new AI Security tools and aligns with AI-SPM discovery signals to close shadow

I gaps.

• Participates AI use‑case intake & security reviews; document decisions, compensating controls, and audit evidence.
• Designs and implements Need-to-Know (NTK) data policies for AI datasets and tools; translate business/legal requirements into solution rules and RBAC models. Engineer SSO/MFA, SCIM, and RBAC for AI SaaS and internal AI services; ensure least-privilege, purpose-binding, and auditable approvals.
• Drives data classification/tagging and lineage; define classification rules, labels, and inheritance for AI training/inference data flows.
• Integrates AI-SPM discovery findings with data controls to identify shadow-AI use and enforce gating/exception workflows.
• Participates in secure design reviews and threat modeling for data‑centric AI use cases; document controls and compensating measures. Maintains high-quality documentation (policies, standards, runbooks) and coach teams on using guardrail patterns correctly.
• Leads security, compliance, and risk assessments on projects throughout project lifecycle.
• Improves process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies.
• Leads the identification of security needs & recommends plans/resolutions.
• Implements, tests & monitors info security improvements.
• Collaborate with groups such as application support, engineering ops, finance, privacy, risk management, etc.
• Leads information security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication & maintenance.
• Executes security projects driven by groups both internal and external to info security.
• Mentors, peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction
• Experience with implementation of various threat modeling approaches pertaining to one or more of the following STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC, Mobile Application threat model, Cyber Threat Tree, and data flow diagram.
• Experience with the analysis of underlying technologies that form the solution necessary to the application of threat identification, analysis, and thread model design.
• The threat model depicts trust boundary, threat agent(s), threat vector(s), and safeguard(s)…