Principal Engineer, Software - Security Operations [T500-20635]

ANSR is hiring for one of its clients.

About T-Mobile:

T-Mobile US, Inc. (NASDAQ: TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mobile. Customers benefit from an unmatched combination of value, quality, and exceptional service experience.

TMUS Global Solutions:

TMUS Global Solutions is a world-class technology powerhouse accelerating the company’s global digital transformation. With a culture built on growth, inclusivity, and global collaboration, the teams here drive innovation at scale, powered by bold thinking.

TMUS India Private Limited is a subsidiary of T-Mobile US, Inc. and operates as TMUS Global Solutions.

About the Role:

We are building a modern, cloud-native platform to support critical applications across finance, credit, document, and AI-powered systems. As a Principal Engineer – Security Operations, you will be a key member of the CFL Platform Engineering and Operations team you will lead the architecture and execution of infrastructure platforms that enable reliability, scalability, security, and developer productivity at scale.

This is a strategic technical leadership role, driving cloud adoption, automation, and infrastructure architecture across multiple business domains. You’ll partner with engineering, security, AI, and SRE teams to build robust platforms that support multi-cloud deployments, CI/CD automation, zero-downtime operations, and cost-effective scaling.

What You’ll Do:

• Design and implement end-to-end security monitoring and incident response architecture across cloud and hybrid platforms
• Build scalable detection pipelines and correlation logic with SIEM/SOAR tools like Splunk, Chronicle, Sentinel, Palo Alto XSOAR
• Integrate security telemetry from APIs, firewalls, IAM, CI/CD, endpoint, and Kubernetes into unified detection systems
• Architect automated response and containment workflows to reduce MTTR and alert fatigue
• Partner with Threat Intelligence teams to implement IOC and behavior-based detection logic
• Build and maintain detection-as-code pipelines with versioning, testing, and simulation
• Enable real-time detection of attacks such as zero-day exploits, lateral movement, and data exfiltration
• Automate triage, enrichment, and remediation using SOAR platforms and infrastructure APIs
• Embed security observability into platform and application architectures
• Monitor alert health, detection coverage, and control effectiveness across environments
• Act as incident commander during major security events and lead coordinated response
• Drive security maturity via tools, playbooks, and collaboration with engineering and operations
• Align detection engineering with risk, compliance, IAM, and data security programs
• Mentor security engineers and analysts; advocate detection and automation best practices

What You’ll Bring:

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
• 7-12 years of experience in Security Engineering, SecOps, or Platform Security roles
• Deep expertise in SIEM/SOAR platforms and detection engineering with APIs, logs, and threat intel
• Strong hands-on experience in cloud security (Azure preferred; AWS/GCP acceptable)
• Proficient in scripting or automation (Python, PowerShell, Bash, or Go)
• Experience with container security, Kubernetes, and CI/CD security controls
• Proven leadership in high-severity incident response

Must Have Skills:

• Application & Microservice: Java, Spring boot, API & Service Design
• Any CI/CD Tools : Gitlab Pipeline/Test Automation/GitHub Actions/ Jenkins /Circle CI
• App Platform: Docker & Containers (Kubernetes)
• Any Databases : SQL & NOSQL (Cassandra/Oracle/Snowflake/MongoDB)
• Any Messaging: Kafka, Rabbit MQ
• Any Observability/Monitoring: Splunk/ Grafana/ Open Telemetry /ELK Stack/ Datadog/ New Relic/ Prometheus)
• Security Skillset: OWASP Concepts, threat modeling, Zero-trust, SecOps

Nice To Have:

• Enterprise SecOps strategy & roadmap
• Executive risk reporting, board metrics
• PCI/PII/SOX compliance governance
• Supply chain security program (SLSA provenance)
• Vendor security due diligence (FICO, OFSLL, Akamai, Cequence)
• Zero-trust architecture: SPIFFE/SPIRE, mTLS