Principal Engineer, Cybersecurity
With T-Mobile USA in Bothell WA USMore jobs from T-Mobile USA
Posted on February 18, 2019
About this job
Job type: Full-time
Role: System Administrator
Company size: 10k+ people
Company type: Public
security, cloud, azure
Principal Engineer, Cybersecurity
- Optimizes cross-functional partnership to successfully address customer requirements. Leads / organizes large scale analysis efforts spanning multiple departments. Uses internal and external data resources to make strategic business decisions and persuade others. Collaborates and builds long-term relationships with key stakeholders. Anticipates likely stakeholder responses to specific recommendations and is able to address accordingly.
- Leads information security review of new technologies, designs, and remediation planning efforts, including new cloud technologies.
- Proactively identifies process or technology improvements within existing legacy applications or infrastructure and seeks out remediation.
- Investigates and/or leads identifying security needs & recommends plans/resolutions. Implements, tests & monitors info security improvements.
- Maintains visibility inside & outside of information security at the Executive (Director/Sr Director) level. Interfaces with groups such as application support, engineering ops, finance, privacy, risk management, etc.
- Significant experience with the analysis of underlying technologies that form the solution necessary for the application of threat identification, analysis, and thread model design. The threat model depicts trust boundary, threat agent(s), threat vector(s), and safeguard(s) necessary to protect person, asset, data, and T-Mobile brand.
- Proactively identifies areas that need to be developed and seeks out expertise in those areas. Keeps abreast of current developments and trends and is able to use this knowledge to create a business case to address major issues and create specific action plans to address the gaps that the team controls. Plays a leadership role in the execution of that action plan.
- Leads security projects driven by groups both internal and external to info security.
- Mentors peers and junior team members in security technologies, enterprise solution design, SDLC facilitation and effective customer interaction.
- Significant experience with implementation hybrid, cloud technologies, authentication, IAAS, PAAS, Azure AD.
- Subject matter expert in multiple facets of network & information security, including Firewall policy design, SSL Certificate management, vulnerability analysis & mitigation, and other topics as assigned.
- Advanced understanding of IP/Security solutions & technologies applicable to the infrastructure, Network, PKI Architecture.
- Also responsible for other Duties/Projects as assigned by business management as needed.
- Bachelor's Degree in Computer Science or Information Technology
- 7 10 Years' Experience with increasing responsibility with security related software and/or business process design.
- 4-7 Years' Experience with the following: project/team lead, formal implementation cloud hybrid environments and facilitation of cross-functional solution design teams.
- 4-7 Years' Technical Project Management.
- Subject matter expert in all facets of network & information security, including Firewall policy design, SSL Certificate management, vulnerability analysis & mitigation, and other topics as assigned.
- Significant knowledge of current technological trends and developments in the area of info security
- Ability to create technical specification and requirements and work independently and with no direction/supervision. Able to quickly adapt to new or evolving technologies related to new product & services requiring validation or research.
- Strong verbal and communication skills with diverse cross functional groups. Ability to present advanced concepts to leadership, peers, and others in subordinate roles.
- Understanding load balancers (ex A10, F5), firewalls (ex CheckPoint), Venafi, MDM (ex - Mobile Iron), Cloud (ex - AWS, Azure), Malware Protection (ex -FireEye), Advanced Persistent Threats (ex - Damballa), Privileged Accounts (ex CyberArk), SIEM (ex ArcSight), Log & Event (ex Splunk), Intrusion IDS/IPS (ex Symantec), Cloud Platform (ex PCF, Docker), Scanning (ex Qualys), AppSec (ex - Veracode)
- Advance knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP).
- Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI.
Preferred Qualifications:- Previous Leadership experience.
- Be subject matter expert in multiple security subject areas including PKI.
- Experience with high level design architecture, security technologies, networking, web services and SOA.
- Certified Information Systems Security Professional (CISSP).
- Certified Information Security Manager (CISM).
- Certified Information Systems Auditor (CISA)