Information Technology

Sr CIRT Engineer – Enterprise (Remote Eligible)

**This role can be located anywhere within the United States.

Are you ready to help transform the world of Wireless Security? Then come join T-Mobile, the nation’s UnCarrier as a Sr CIRT Engineer (Enterprise).

The Sr CIRT Engineer role, working in the Cyber Transformation Organization will be responsible for monitoring, assessing, and responding to information security events in a large diverse enterprise environment. The best candidate for the role should have a strong comprehension of incident response, work well with other people and have strong verbal and written communication skills. This position correlates security related data across the enterprise, performs Security Incident Response Handling & Incident Containment/Recovery and also assists application owners to understand and implement the security aspects of their applications. Additionally, the candidate must have some knowledge of system security design and network security best practices. Analytical and organizational skills, and the ability to effectively communicate and work independently and as part of a team are required.

What you’ll do in your role.

  • Investigate incidents for Cyber Incident Response Team (CIRT)
  • Develop content to improve detective capabilities in Security Information and Event Management (SIEM) tool
  • Analyze disparate data sources for security incidents
  • Respond to network security incidents promptly to mitigate damage or restore service
  • A champion for process, recommending tool, software development, or infrastructure
  • changes to improve or enhance security
  • Lead small to medium sized projects as directed
  • Develop and deliver metrics as requested
  • Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hours

The experience you’ll bring.


  • 3+ years of Cyber Incident Handling experience (+ 2 years’ Engineering) OR 5+ years of Cybersecurity experience
  • High-level network troubleshooting ability
  • Ability to plan, organize and prioritize tasks to complete independently and within time frame established
  • Intermediate level of scripting experience
  • Knowledge and experience with current cyber threats and landscape to Enterprise environments.
  • In-depth knowledge of security best practices in large-scale environments
  • In-depth knowledge of security technologies such as, but not limited to:
    • Intrusion Detection systems (I.E. Checkpoint, McAfee, ISS, Snort, etc.)
    • Security Information and Event Management (SIEM)
    • Network Windows/Linux forensics techniques
    • Vulnerability scanning tools (WebInspect, Nessus, etc.)
  • In-depth knowledge of networking and OS technologies such as, but not limited to:
    • Diagnostic tools such as packet capture/decode and WAN probes
    • Operating Systems: Windows & UNIX – Solaris, HP/UX, or Linux operating systems administration
    • Networking components including routers, hubs, switches, etc.
    • TCP/IP protocols
  • OSI Seven Layer Model
  • Knowledge of state and Federal regulatory requirements PCI, PII, CPNI requirements
  • Strong verbal and written communication skills

The starting pay range for a candidate selected for this position who is based in Colorado is generally within the range of $75,000 to $145,000 for annual base salary. The successful candidate’s actual pay will be based on various factors, such as work location, qualifications, and experience, so the actual starting pay may be above or below this range. Employees are eligible for a year-end bonus based on company and/or individual performance and which is set at a percentage of an employee’s eligible earnings in the prior year.

  • Bachelor’s Degree in Computer Science, Cybersecurity or related area, or equivalent experience
  • Having at least one current form of following certifications is a plus: GCIH, GCIA, GCFA or GREM
  • At least 18 years of age
  • Legally authorized to work in the United States
  • High School Diploma or GED
  • T-Mobile requires all employees in this position to be fully vaccinated for COVID-19 prior to starting work. The CDC defines “fully vaccinated” as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. T-Mobile will require proof of vaccination and consider requests for exemption from this requirement during the offer phase as a reasonable accommodation for medical reasons or sincerely held religious beliefs where the accommodation would not cause T-Mobile undue hardship or pose a direct threat to the health and safety of others.

Position details

Req ID: 180298BR

Department: Information Technology

Travel Required: Yes

Position Posted for

October 26, 2021 days

Similar openings

Check your commute.

We’ll take care of you.

Check out what we offer

Are you a good fit for our team?

Apply Now

What’s it like to work at T-Mobile? Find out.

Equal Employment Opportunity

As America’s Un-carrier, T-Mobile USA, Inc. (NASDAQ: “TMUS”) is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The company’s advanced nationwide 4G and 4G LTE network delivers outstanding wireless experiences for customers who are unwilling to compromise on quality and value. Based in Bellevue, Washington, T-Mobile USA. Inc. provides services through its subsidiaries and operates its flagship brands, T-Mobile and Metro by T-Mobile. For more information, please visit

Applicant Privacy Policy

We are committed to maintaining your trust by respecting and protecting your privacy. For more information about how T-Mobile processes the personal data of job applicants, please visit Applicant Privacy Policy.

EOE Statement

T-Mobile USA, Inc. is an Equal Opportunity Employer.

TMobile EOE Unicorn