Job Information
T-Mobile USA, Inc Principal Engineer, Cyber Security in Bellevue, Washington
At T-Mobile, we invest in YOU! Our Total Rewards Package ensures that employees get the same big love we give our customers. All team members receive a competitive base salary and compensation package - this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That's how we're UNSTOPPABLE for our employees! Job Overview The Principal Cybersecurity Engineer ensures the design, implementation, and management of robust security systems and practices across diverse software, systems, and infrastructure. This role involves securing critical telecommunications technologies, including 3GPP standards, IMS, packet core, messaging, e911, and 5G networks, while leveraging modern practices like zero-trust architecture, containerization, and advanced threat detection. The engineer collaborates with cross-functional teams to assess and mitigate risks, ensuring a secure environment for enterprise applications, IoT, mobile devices, and next-generation networks. As a subject matter expert, this role drives cybersecurity strategies across cloud, big data, carrier network technologies, and other emerging areas, providing technical leadership and enhancing the organization's security posture. Job Responsibilities: Telecom Security: Ensures the security of 3GPP-compliant systems, including LTE, 5G, and IMS core networks. Develops and implements cybersecurity solutions for packet core infrastructure, including EPC, UPF, and related network elements. Leads security design and implementation for critical services like e911, VoLTE, RCS messaging, and SMS/MMS platforms. Secures signaling protocols (e.g., Diameter, SIP, HTTP/2) and mitigate risks such as signaling fraud, DoS attacks, and SS7 vulnerabilities. Advanced Threat Management: Develops and executes threat modeling approaches (e.g., STRIDE, ATT&CK, Cyber Kill Chain) for telecom technologies and services. Designs and deploys advanced EDR/XDR solutions to protect against sophisticated threats targeting telecom infrastructure. Next-Generation Networks and Cloud: Secures 5G standalone and non-standalone architectures, ensuring integrity and confidentiality across gNBs, MEC, and NFs. Improves cloud-native security in 5G core and IMS environments leveraging red Hat Openshift, Kubernetes, service meshes (Istio), and microservices. Collaborates with teams on the implementation of secure MEC (Multi-access Edge Computing) environments and 5G slicing security. Expertise on cloud native security technologies in AWS, Azure, GCP etc. Proficiency in Cloud security architecture and deployment Software defined network architecture and deployment in large scale enterprise using Cisco ACI and terraform Modern authentication stack experience on Microsoft Entra ID, CyberArk, Hashicorp, Keyfactor, certificate management etc. Experience on firewalls (Checkpoint, PAN), load balancers (A10, F5, Avi), micro-segmentation tools (Illumio), SASE products like Zscaler is desired. Incident Response and Risk Management: Leads investigations and response efforts for telecom-specific security incidents, ensuring compliance with standards and regulations. Proactively identifies security gaps in legacy and modern telecom infrastructure, developing and implementing risk mitigation strategies. Cross-Functional Collaboration: Acts as a cybersecurity advisor for engineering teams, ensuring secure SDLC practices for telecom and enterprise applications. Mentors teams on telecom cybersecurity, fostering expertise in signaling security, secure protocol design, and network hardening. Modern Cybersecurity Technologies: Implements and manages solutions for zero-trust architecture, AppSec, and DevSecOps within telecom systems. Automate threat detection and response pipelines using Pytho