Be unstoppable with us! T-Mobile is synonymous with innovation-and you could be part of the team that disrupted an entire industry! We reinvented customer service, brought real 5G to the nation, and now we're shaping the future of technology in wireless and beyond. Our work is as exciting as it is rewarding, so consider the career opportunity below as your invitation to grow with us, make big things happen with us, above all, #BEYOU with us. Together, we won't stop! Come work with the Cyber Security Operations Center (CSOC) team!!! Responsibilities The role of a Security Engineer is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures, specifically: Monitor incoming event queues for potential security incidents per operational procedures Perform triage, analysis, and response of security alerts to determine and initiate appropriate courses of action, with escalation as defined by established procedures Collect and organize alert, event and triage data to produce reports to provide feedback to existing content, inform new content, and measure relevant KPIs Provide support for and collaboration with higher-tier support teams to investigate escalated incidents Assist in the development of new security operations processes as well as the refinement or improvement of existing processes Monitor CSOC ticket (or email) queue for potential event reporting from outside entities and individual users Maintain CSOC shift logs with relevant activity from current shift. Document investigation case notes, ensuring relevant details are passed to CIRT for escalated incident analysis Update or reference CSOC knowledge management repository as necessary for changes to CSOC processes and procedures and ingest CSOC daily intelligence reports and previous shift pass downs Conduct security research and intelligence gathering on emerging threats and exploits Qualifications Minimum Required 2-4 years of experience working in a large enterprise 2-4 years of experience as a SOC or Incident Response investigator or equivalent work experience Conversant with cyber security intrusion analysis concepts and techniques Understanding of security incident investigation and log analysis Experience investigating security incidents, threats and vulnerabilities Demonstrable knowledge of networking (TCP/IP, topology, OSI model and network forensics), operating systems (Windows/MacOS/Linux), and web technologies (web applications, database security, web servers) Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI Knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP) Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs High degree of attention to detail Presentation skills to large and small audiences Strong verbal and written communication skills Desired Experience supporting Cyber Security Operations in a large enterprise environment Experience with SIEM & Log Management solutions Experience with cloud security, telecom security, data protection Experience with enterprise systems or network administration CCNA Security, GCIA, GCIH or other related security certifications Minimum Required Education Degree in Computer Science, Information Technology, or equivalent work experience In lieu of a degree, 6+ years of related experience may be considered Course work in Cyber Security is strongly preferred General/Physical Requirements Must sit for extended periods of time. Extensive computer and telephone utilization. Shift work in a 24O7 Cyber Security Operations Center Participation in on-call rotation may be required * At least 18 years of age * Legally authorized to work in the United States At T-Mobile, employees in regular, non-te