Kansas Action for Children, Inc
Sr Cybersecurity Engineer - Detection Engineering
Kansas Action for Children, Inc, Topeka, Kansas, United States,
at T-Mobile USA, Inc. in Overland Park, Kansas, United StatesJob Description
Be unstoppable with us!T-Mobile is synonymous with innovation—and you could be part of the team that disrupted an entire industry! We reinvented customer service, brought real 5G to the nation, and now we're shaping the future of technology in wireless and beyond. Our work is as exciting as it is rewarding, so consider the career opportunity below as your invitation to grow with us, make big things happen with us, above all, #BEYOU with us. Together, we won't stop!The Detection Engineering Sr. Engineer is responsible for continually improving T-Mobile's security detection capabilities while ensuring suspicious/malicious activity is identified quickly and accurately (protecting T-Mobile customers and employees). They will work with all teams within security operations to ensure that T-Mobile is protecting its customers and employees. They will work with multiple technologies and data sets to build security detection frameworks (i.e., SIEM, EDR, Network Monitoring, etc.). The best candidate for the role should have a strong comprehension of detection techniques, tactics, and procedures while understanding the needs of an incident response team. This individual must be driven, work well with other people, and have strong verbal and written communication skills.Job Responsibilities
Play a vital role in designing and building a comprehensive threat detection program.Work with partners throughout security and engineering to develop and improve threat detection logic, enhance response capabilities, and deploy new tools.Identify active threats to T-Mobile system environments including T-Mobile.com, corporate networks, third-party services, and individual user endpoints.Inform log ingestion requirements for threat detection use case development.Research new attack techniques in order to improve detection logic.Create custom logic, detection rules, and alerts to identify suspicious patterns and activity.Manage the Security Detection Lifecycle (Maintain, tune, deprecate, etc.).Develop content to improve detective capabilities in Security tooling (SIEM, EDR, etc.).Work with IR teams to respond to security incidents promptly.Be a champion for process, recommending tools, software development, or infrastructure changes to improve or enhance security.Lead small to medium-sized projects as advised (taking ownership while developing/driving a solution to its full value/completion).Develop and deliver metrics.Participate in Cyber Incident Response Team rotation that may involve non-traditional working hours.Education
Bachelor's Degree in Computer Science or Information Technology or equivalent experience.Work Experience
4+ years' experience in a cybersecurity-related field.3+ years of supporting/driving security-related projects/tasks (taking ownership while driving a solution to its full value/completion).Authority (SME) in multiple security domains.Experience with incident handling (investigating/supporting/assisting/etc.).Experience in Threat Modeling.Experience with high-level design architecture, security technologies, networking, web services, and SOA. Understanding of encryption, obfuscation, and tokenization technologies.Preferred Experience
2+ years of detection engineering experience.5+ years of cybersecurity operations experience.SME level knowledge of a SIEM (Splunk, Azure Sentinel, QRadar, etc.).2+ years of experience with cloud-related technologies (Azure, AWS, GCP, etc.).Strong analytic and problem-solving skills.Aim to identify known and unknown threats and attacks.Programming/Scripting languages such as Python, etc.Knowledge, Skills, and Abilities
Knowledge of Machine Learning Concepts and Capabilities.Proficiency in multiple Operating Systems (Ex. Linux, Windows, Mac, etc.).Familiarity with regular expressions and data normalization techniques.Knowledge of Cybersecurity tooling and how it can be used to create insights.Knowledge of detection methods (ATT&CK).Knowledge of Cloud-related technologies (Azure, AWS, GCP, etc.).Medium to advanced knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP).Knowledge of federal & compliance regulations e.g., SOX, PCI & CPNI.Familiarity with load balancers.EOE StatementWe Take Equal Opportunity Seriously - By ChoiceT-Mobile USA, Inc. is an Equal Opportunity Employer. All decisions concerning the employment relationship will be made without regard to age, race, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, veteran status, the presence of any physical or mental disability, or any other status or characteristic protected by federal, state, or local law. Discrimination or harassment based upon any of these factors is wholly inconsistent with our Company values and will not be tolerated. Furthermore, such discrimination or harassment may violate federal, state, or local law.
#J-18808-Ljbffr
Be unstoppable with us!T-Mobile is synonymous with innovation—and you could be part of the team that disrupted an entire industry! We reinvented customer service, brought real 5G to the nation, and now we're shaping the future of technology in wireless and beyond. Our work is as exciting as it is rewarding, so consider the career opportunity below as your invitation to grow with us, make big things happen with us, above all, #BEYOU with us. Together, we won't stop!The Detection Engineering Sr. Engineer is responsible for continually improving T-Mobile's security detection capabilities while ensuring suspicious/malicious activity is identified quickly and accurately (protecting T-Mobile customers and employees). They will work with all teams within security operations to ensure that T-Mobile is protecting its customers and employees. They will work with multiple technologies and data sets to build security detection frameworks (i.e., SIEM, EDR, Network Monitoring, etc.). The best candidate for the role should have a strong comprehension of detection techniques, tactics, and procedures while understanding the needs of an incident response team. This individual must be driven, work well with other people, and have strong verbal and written communication skills.Job Responsibilities
Play a vital role in designing and building a comprehensive threat detection program.Work with partners throughout security and engineering to develop and improve threat detection logic, enhance response capabilities, and deploy new tools.Identify active threats to T-Mobile system environments including T-Mobile.com, corporate networks, third-party services, and individual user endpoints.Inform log ingestion requirements for threat detection use case development.Research new attack techniques in order to improve detection logic.Create custom logic, detection rules, and alerts to identify suspicious patterns and activity.Manage the Security Detection Lifecycle (Maintain, tune, deprecate, etc.).Develop content to improve detective capabilities in Security tooling (SIEM, EDR, etc.).Work with IR teams to respond to security incidents promptly.Be a champion for process, recommending tools, software development, or infrastructure changes to improve or enhance security.Lead small to medium-sized projects as advised (taking ownership while developing/driving a solution to its full value/completion).Develop and deliver metrics.Participate in Cyber Incident Response Team rotation that may involve non-traditional working hours.Education
Bachelor's Degree in Computer Science or Information Technology or equivalent experience.Work Experience
4+ years' experience in a cybersecurity-related field.3+ years of supporting/driving security-related projects/tasks (taking ownership while driving a solution to its full value/completion).Authority (SME) in multiple security domains.Experience with incident handling (investigating/supporting/assisting/etc.).Experience in Threat Modeling.Experience with high-level design architecture, security technologies, networking, web services, and SOA. Understanding of encryption, obfuscation, and tokenization technologies.Preferred Experience
2+ years of detection engineering experience.5+ years of cybersecurity operations experience.SME level knowledge of a SIEM (Splunk, Azure Sentinel, QRadar, etc.).2+ years of experience with cloud-related technologies (Azure, AWS, GCP, etc.).Strong analytic and problem-solving skills.Aim to identify known and unknown threats and attacks.Programming/Scripting languages such as Python, etc.Knowledge, Skills, and Abilities
Knowledge of Machine Learning Concepts and Capabilities.Proficiency in multiple Operating Systems (Ex. Linux, Windows, Mac, etc.).Familiarity with regular expressions and data normalization techniques.Knowledge of Cybersecurity tooling and how it can be used to create insights.Knowledge of detection methods (ATT&CK).Knowledge of Cloud-related technologies (Azure, AWS, GCP, etc.).Medium to advanced knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP).Knowledge of federal & compliance regulations e.g., SOX, PCI & CPNI.Familiarity with load balancers.EOE StatementWe Take Equal Opportunity Seriously - By ChoiceT-Mobile USA, Inc. is an Equal Opportunity Employer. All decisions concerning the employment relationship will be made without regard to age, race, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, veteran status, the presence of any physical or mental disability, or any other status or characteristic protected by federal, state, or local law. Discrimination or harassment based upon any of these factors is wholly inconsistent with our Company values and will not be tolerated. Furthermore, such discrimination or harassment may violate federal, state, or local law.
#J-18808-Ljbffr