Sr Engineer, Software - Security Operations [T500-20383]

ANSR is hiring for one of its clients.

About T-Mobile :

T-Mobile US, Inc. (NASDAQ : TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mobile. Customers benefit from an unmatched combination of value, quality, and exceptional service experience.

About TMUS Global Solutions :

TMUS Global Solutions is a world-class technology powerhouse accelerating the company’s global digital transformation. With a culture built on growth, inclusivity, and global collaboration, the teams here drive innovation at scale, powered by bold thinking.

TMUS India Private Limited is a subsidiary of T-Mobile US, Inc. and operates as TMUS Global Solutions.

About the Role :

Security is a core pillar of our digital infrastructure. As a Senior Engineer – Security Operations, you will be a key member of the CFL Platform Engineering and Operations team you will play a critical role in ensuring the reliability, integrity, and responsiveness of security operations across large-scale cloud and enterprise platforms.

You’ll work closely with threat intelligence, platform engineering, and cloud teams to detect, investigate, and respond to threats. You’ll also contribute to the design and automation of detection pipelines, incident workflows, and security observability frameworks—helping protect systems, data, and users in real time.

What You’ll Do :

Respond to security alerts and incidents, triaging and escalating as appropriate

Investigate security events across cloud, infrastructure, and application layers using SIEM and telemetry tools

Participate in incident response, post-incident reviews, and root cause analysis processes

Write, tune, and deploy detection rules using platforms such as Splunk, Sentinel, Chronicle

Integrate telemetry from cloud logs, IAM, APIs, containers, and endpoint tools

Collaborate with threat intelligence teams to build and test detections for IOCs and attacker behaviors

Develop and maintain SOAR workflows, automation scripts, and investigation playbooks

Contribute to the observability stack with monitoring, metrics, and alerting capabilities

Integrate security signals into CI / CD pipelines and DevSecOps toolchains

Collaborate with cloud, SRE, and engineering teams on secure architecture and operations

Contribute to platform hardening and baseline security configurations

Promote security best practices and awareness across engineering

What You’ll Bring :

Bachelor’s degree in Computer Science, Information Security, or a related field

4-7 years of experience in security operations, detection engineering, or incident response

Strong experience with SIEM / SOAR platforms including detection rule creation and tuning

Experience with cloud-native security tooling (Azure preferred, AWS / GCP acceptable)

Proficiency in Python, PowerShell, or Bash for scripting and automation

Knowledge of security monitoring in Kubernetes, APIs, and container-based workloads

Must Have Skills :

Application & Microservice : Java, Spring boot, API & Service Design

Any CI / CD Tools : Gitlab Pipeline / Test Automation / GitHub Actions / Jenkins / Circle CI

App Platform : Docker & Containers (Kubernetes)

Any Databases : SQL & NOSQL (Cassandra / Oracle / Snowflake / MongoDB)

Any Messaging : Kafka, Rabbit MQ

Any Observability / Monitoring : Splunk / Grafana / Open Telemetry / ELK Stack / Datadog / New Relic / Prometheus)

Security Skillset : OWASP Concepts, threat modeling

Nice To Have :

CSPM (AWS, Azure, Databricks)

Data protection : tokenization, masking, key rotation

Policy-as-code enforcement (OPA, Kyverno)

SIEM / SOAR pipeline tuning & ownership.