Sr Manager, Cybersecurity - Vulnerability Management T-Mobile USA
Bellevue, WA

Job Description

This Senior Manager, Cybersecurity leads the T-Mobile USA (TMUS) Vulnerability Management Team within the Cyber Security Operations organization, and reports to the Director, Cyber Security Operations. In this role, you will oversee a 24x7 function and teams comprised of full-time employee managers and individual contributors, managed services, and external partners. The functions you will lead include vulnerability scanning infrastructure and operations, penetration testing, responsible disclosure, bug bounty, and remediation services.As America's Un-carrier, T-Mobile USA, Inc. (NASDAQ: "TMUS") is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The company's advanced nationwide 4G and 4G LTE network delivers outstanding wireless experiences for customers who are unwilling to compromise on quality and value. Based in Bellevue, Washington, T-Mobile USA. Inc. provides services through its subsidiaries and operates its flagship brands, T-Mobile and Metro by T-Mobile. For more information, please visit http://www.t-mobile.comEnterprise Core Competencies

Requires competency in vulnerability management, technical assessments with strong customer focus, change and innovation, strategic thinking, relationship building and influencing, talent management, results focus and inspirational leadership.

Minimum Requirements:

* 7+ years in large enterprise Cyber Security Operations, with understanding of security fundamentals and common vulnerability frameworks, penetration testing leading practices, and practical experience leading responsible disclosure and/or bug bounty programs.
* 5+ years of technical experience, preferably with broad exposure to technologies related to wireless services, networking, and application development
* 3+ years managing a team of full-time direct reports, responsible for your team's employee development, performance evaluations and coaching.
* A deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies in global enterprise environments
* Experience implementing and operating vulnerability scanning tools (Tenable, Qualys, etc.)
* An ability to communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily-understood, authoritative, and actionable manner
* Strong organizational skills with ability to handle multiple high visibility issues simultaneously
* Experience with large scale and complex incidents of various types, such as Advanced Persistent Threats, DDoS, insider, web and mobile applications, data ex-filtration etc.
* Extremely organized, with strong project and resources capacity management experience
* Federal and industry regulations understanding (e.g. PCI, SOX, CPNI, ISO)
* Fluent in common cybersecurity domains such as data protection, access control, encryption, identify management, security operations, application security, penetration tests, endpoint security, vulnerability management, threat intelligence, risk assessments
* Detail oriented, results driven, fast learner

Preferred:

* BA/BS in Engineering, Computer Science, Information Security, or Information Systems
* Knowledge of Mitre ATT&CK and the cyber kill chain frameworks
* Scripting/programming skills (e.g., Python, Ruby, Java, JS, etc.)
* Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
* CISSP, CISM certifications
* Digital Security
* LI-KM3As T-Mobiles Vulnerability Management leader, you will:
* Build and mentor high performing teams with a passion for creating positive culture founded on integrity and equity
* Develop and implement the TMUS Vulnerability Management vision, strategy, road map, and operations playbooks in partnership with appropriate teams across technology and business units
* Serve as the escalation point and executive liaison for major or high-profile vulnerability prevention and remediation, including validation of likelihood/impact, coordinating plans, facilitating information sharing, and reporting
* Provide timely and relevant updates to appropriate leaders and decision makers
* Manage third party contracts and engagements
* Establish meaningful measures and metrics for team performance and SLAs/OLAs.
* Apply demonstrated practical and management experience to optimization of processes and tools for vulnerability scanning, penetration testing, bug bounty, responsible disclosure and vulnerability remediation services.
* Facilitate operational decisions to mobilize staff to triage and facilitate remediation of externally discovered vulnerabilities