Manager, Enterprise Info Security - Vulnerability ManagementAPPLY NOW
The Manager of Corporate Information Security position exists to help prevent, detect, and respond to threats to company information, systems, and networks. This position will be responsible for ensuring appropriate protections are built into our infrastructure, products, systems, processes, and services. The Manager of CIS will facilitate security related interactions with business partners, OEMs, and service partners. Integration with the security community internal to T-Mobile and external with partners such as government, industry, and security organizations is necessary. The Manager of CIS will demonstrate strong critical thinking skills, excellent communication skills, and effectively manage the time and effort of all individual contributors, projects, and associated initiatives. A strong understanding of security technologies, architecture, and best practices will be critical to the success of this role. The Information Security manager serves as the process owner for all ongoing activities that serve to provide appropriate access to and protect the confidentiality and integrity of customer, employee, and business information in compliance with organization policies and standards.
An in-depth understanding of:
- Vulnerability assessment tools (Nessus, Nexpose, Metasploit, Qualys, Qualys, nmap, Burp Suite, Retina, etc.) as well as manual techniques.
- Windows, Mac, and Linux-based operating systems from both a user-endpoint and server perspective.
- Technical writing and documentation tools (Microsoft Office Suite, wiki collaboration platforms, ticket and bug tracking systems).
- Common and emerging attack vectors, penetration methods, countermeasures, and remediation methods and implications.
- Patching programs and systems of major hardware and software vendors.
- Strong systems and network background with an emphasis in secure configuration and hardening.
- Knowledge of information security industry and regulatory obligations (PCI DSS, SOX404, SOC1/2, ISO 27000-series, NIST Framework, etc.).
- Industry Certifications preferred: GIAC, CISSP, CISM, CISA.
- Oversee the maintenance and continual improvement of vulnerability management infrastructure, initiatives, integration, processes, and technical assessment support.
- Be accountable for the patch and vulnerability management process as well as the performance of the matrixed team’s assigned tasks.
- Support compliance and audit inquiries relating to security assurance and vulnerability management.
- Classify and prioritize the risk of new vulnerabilities according to the specifics of our unique environment’s risk level, mitigating factors, and assessment of the impacts of internal and external threats.
- Maintain dashboards and collect metrics and reports on vulnerability findings and remediation compliance.
- Publish monthly program metrics with the aim to characterize and communicate security effectiveness to executives and stakeholders.
- Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams.
- Work closely with both business-oriented executives and leads as well as technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
- Provide technical support to system owners to propose mitigation and remediation solutions to identified issues.
- Provide input to the department’s leadership for enhancing the information security strategy.
- Assist departments across the organization in understanding and implementing security policy objectives in ways that are cost effective, and align with business objectives.
- Stay current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities.
- Strong knowledge of information security threats, vulnerabilities, and overall risk profile of the enterprise
- Mentor analysts, senior analysts, and CIS individual contributors to promote successful performance and career growth in alignment with department and enterprise objectives
- Demonstrated ability to provide security consultation on designs and/or implementation of security controls ensuring adherence to T-Mobile security standards and/or best practices
- Plan and execute appropriate protective measures to include policy, process, and overall security awareness
- Excellent verbal and communication skills necessary to engage with diverse cross functional groups and present effectively to small and large groups
- Lead security projects driven by groups both internal and external to Corporate Information Security
- Develop strategy, roadmap, and requirements for enterprise information protection to align with technology, product, and overall business strategy
•Excellent analytical and problem solving skills. Strong communication, literacy, and comprehension
•Working knowledge of security policy, compliance and control environment related to information security
•Experience managing a team of 4 or more
•Demonstratable experience with leadership role on at least one large project implementation. Demonstrated organizational influence
•High School Diploma/GED
•Computer Science or Information Technology
WE EVEN DO BENEFITS DIFFERENTLY.
Medical, dental, and vision are just the start. We also offer health pro consultants, flexible spending accounts, and more.
PAID R & R
Kick back with paid time off. We want you to have flexibility, convenience, and control over how you recharge.
IT'S ALL ABOUT YOU
We've ditched old-school performance reviews for a tailored approach to career health that includes training for better career and leadership skills.
SWEET COMPANY DISCOUNTS
Naturally, we offer steep discounts on our consumer rate plans and all the fantastic accessories we carry.
HELP WITH THE FAM
Kids rock. But child care, adoption, and surrogacy aren’t cheap. We offer programs that help reduce those burdens.
Options include a 401(k) plan, an annual Employee Stock Grant, and a purchase plan that gives you the chance to grab T-Mobile stock at a discount.
ARE YOU A GOOD FIT FOR OUR TEAM?APPLY NOW
What's it like to work at T-Mobile?Find out
Current Senior Technician in Rowlett, TX
Laid back, easy going, very relaxed and opportunities for advancement and career enhancement if the individual applies him/herself. They INSIST on a healthy work-life balance. And the CEO is entertaining and has done amazing things for the company.
They really like to promote from within, which is great, if you're "in", but it can be incredibly difficult to get in. Pay can be a little on the low end of the scale, but benefits are great.
Advice to Management
Make sure that everyone on the teams are pulling their share of the weight; policies come out because of the intermittent 'bad apple'
"Fun, Exciting, Big Company"
Current Business Analyst in Bellevue, WA
There are many good reasons to work for T-Mobile. Discounted phone bill, discount towards accessories, and good benefits package to name a few. The company is growing and will soon be in the hunt for the top spot in the telecommunication world.
Just like other large corporate environments, its not what you know its who you know in order to advance your career further. Pay is fair could be better.
Advice to Management
Stop managing and be leaders! Listen to your employees, be proactive in identifying issues rather than ignoring them.
As America’s Un-carrier, T-Mobile US, Inc. (NASDAQ: “TMUS”) is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The company’s advanced nationwide 4G and 4G LTE network delivers outstanding wireless experiences for customers who are unwilling to compromise on quality and value. Based in Bellevue, Washington, T-Mobile US provides services through its subsidiaries and operates its flagship brands, T-Mobile and MetroPCS. For more information, please visit http://www.t-mobile.com.
We Take Equal Opportunity Seriously - By Choice
T-Mobile USA, Inc. is an Equal Opportunity Employer. All decisions concerning the employment relationship will be made without regard to age, race, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, veteran status, the presence of any physical or mental disability, or any other status or characteristic protected by federal, state, or local law. Discrimination or harassment based upon any of these factors is wholly inconsistent with our Company values and will not be tolerated. Furthermore, such discrimination or harassment may violate federal, state, or local law.