Engineer, Cyber Security Operations Center

At T-Mobile, we invest in YOU! Our Total Rewards Package ensures that employees get the same big love we give our customers. All team members receive a competitive base salary and compensation package - this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That's how we're UNSTOPPABLE for our employees!

Are you ready to join the Un-carrier movement? If so, our Cybersecurity team is searching for a CSOC Analyst to join us in taking the next big leap forward with our team.

This Engineer role in T-Mobile's 24x7 Cyber Security Operations Center (CSOC) is vital for ensuring the overall security of systems, services, and information assets. This individual will serve as a line of defense against cyber threats, playing a pivotal role in maintaining the confidentiality, integrity, and availability of T-Mobile's digital infrastructure.

This is a full-time, onsite position working four (4) 10-hour shifts per week and may include 1st, 2nd, or 3rd shift work.

Our team is dynamic where no day is the same, and we are a diverse and inclusive team passionate about growth and innovation! If you're up to the challenge, apply today!

The role of a CSOC Engineer is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures, specifically:

Monitor incoming event queues for potential security incidents per operational procedures

• Perform triage, analysis, and response of security alerts to resolve an initiate appropriate courses of action, with critical issues as defined by established procedures
• Collect and organize alert, event and triage data to produce reports to provide feedback to existing content, inform new content, and measure relevant KPIs
• Provide support for and collaboration with higher-tier support teams to investigate advanced incidents
• Assist in the development of new security operations processes as well as the refinement or improvement of existing processes
• Monitor CSOC ticket (or email) queue for potential event reporting from outside entities and individual users
• Maintain CSOC shift logs with relevant activity from current shift.
• Document investigation case notes, ensuring relevant details are passed to CIRT for advanced incident analysis
• Update or reference CSOC knowledge management repository as necessary for changes to CSOC processes and procedures and ingest CSOC daily intelligence reports and previous shift pass downs
• Conduct security research and intelligence gathering on emerging threats and exploits

Minimum Required

• 2-4 years of experience working in a large enterprise
• 2-4 years of experience as a SOC or Incident Response investigator or equivalent work experience
• Conversant with cyber security intrusion analysis concepts and techniques
• Understanding of security incident investigation and log analysis
• Experience investigating security incidents, threats and vulnerabilities
• Demonstrable knowledge of networking (TCP/IP, topology, OSI model and network forensics), operating systems (Windows/MacOS/Linux), and web technologies (web applications, database security, web servers)
• Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI
• Knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP)
• Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs
• High degree of attention to detail
• Presentation skills to large and small audiences
• Strong verbal and written communication skills

• Experience supporting Cyber Security Operations in a large enterprise environment
• Experience with SIEM & Log Management solutions
• Experience with cloud security, telecom security, data protection
• Experience with enterprise systems or network administration
• CCNA Security, GCIA, GCIH or other related security certifications

• Degree in Computer Science, Information Technology, or equivalent work experience
• Course work in Cyber Security is strongly preferred

Shift work in a 24x7 Cyber Security Operations Center

Participation in on-call rotation may be required

• At least 18 years of age
• Legally authorized to work in the United States

Travel Required (Yes/No):
No

DOT Regulated Position (Yes/No):
No

Safety Sensitive Position (Yes/No):
No

Base Pay Range: $79,900 - $144,100. Corporate Bonus Target: 15%

The pay range above is the general base pay range for a successful candidate in the role. The successful candidate's actual pay will be based on various factors, such as work location, qualifications, and experience, so the actual starting pay will vary within this range.

At T-Mobile, employees in regular, non-temporary roles are eligible for an annual bonus or periodic sales incentive or bonus, based on their role. Most Corporate employees are eligible for a year-end bonus based on company and/or individual…