Job Title

About T-Mobile:T-Mobile US, Inc. (NASDAQ: TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mobile. Customers benefit from an unmatched combination of value, quality, and exceptional service experience.About TMUS Global Solutions:TMUS Global Solutions is a world-class technology powerhouse accelerating the company’s global digital transformation. With a culture built on growth, inclusivity, and global collaboration, the teams here drive innovation at scale, powered by bold thinking.TMUS India Private Limited operates as TMUS Global Solutions.About the Role:As an Engineer – Security Operations, you will be a key member of the CFL Platform Engineering and Operations team, you will lead reliability engineering for AI-powered platforms supporting LLM applications, AI gateways, and enterprise-scale services across finance, credit, collections, and document systems. You will design and implement observability and incident response frameworks, scale high-performance infrastructure, and champion SRE best practices to support secure, automated, and resilient systems.What You’ll Do:- Monitor and triage security alerts using SIEM tools like Splunk, Sentinel, or Chronicle - Investigate suspicious activity and escalate confirmed incidents with clear documentation - Tune and maintain detection rules based on threat intelligence, use cases, and false positive analysis - Assist in incident response efforts, supporting data gathering, root cause analysis, and remediation steps - Develop and maintain security automation scripts using Python, Bash, or PowerShell - Support security workflow automation using SOAR tools and custom enrichment scripts - Integrate security monitoring with cloud infrastructure, CI/CD pipelines, and observability platforms - Document detection logic, response processes, and investigation workflows - Collaborate with Cloud, SRE, and DevOps teams to improve system visibility and secure configurations - Maintain awareness of current threats, vulnerabilities, and attacker techniques - Participate in red team/blue team exercises, tabletop simulations, or detection validation projectsWhat You’ll Bring:- Bachelor’s degree in Computer Science, Information Security, or a related technical field - 2-5 years of experience in security operations, SOC, threat detection, or incident response roles - Experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, Chronicle) - Familiarity with event and log analysis, detection rule tuning, and telemetry correlation - Scripting ability in Python, PowerShell, or Bash for automation and tooling support - Understanding of cloud-native security concepts (preferably in Azure; AWS/GCP also relevant) - Knowledge of threat detection frameworks such as MITRE ATT&CK and use of adversary emulation or threat hunting practices - Experience with EDR tools, audit logs, IAM logs, or Kubernetes security telemetry - Exposure to SOAR tools or detection-as-code workflows is a plus - Strong analytical and troubleshooting skills with attention to technical depth - Excellent communication skills and the ability to collaborate across engineering and security teams - Passion for improving threat detection, automation, and overall security posture at scaleMust Have Skills:- Application & Microservice: Java, Spring boot, API & Service Design - Any CI/CD Tools : Gitlab Pipeline/Test Automation/GitHub Actions/ Jenkins /Circle CI - App Platform: Docker & Containers (Kubernetes) - Any Databases : SQL & NOSQL (Cassandra/Oracle/Snowflake/MongoDB) - Any Messaging: Kafka, Rabbit MQ - Any Observability/Monitoring: Splunk/ Grafana/ Open Telemetry /ELK Stack/ Datadog/ New Relic/ Prometheus) - Security Skillset: OWASP ConceptsNice To Have:- IAM least privilege, KMS/Key Vault basics - Incident/Change/Problem playbooks, ServiceNow integration - K8s RBAC, Network Policies, image scanning - SIEM basics (Azure Sentinel, Splunk) - WAF/DDoS protection (Akamai, Cequence)