About T-Mobile:T-Mobile US, Inc. (NASDAQ: TMUS), headquartered in Bellevue, Washington, is America’s supercharged Un-carrier, connecting millions through its strong nationwide network and flagship brands, T-Mobile and Metro by T-Mobile. Customers benefit from an unmatched combination of value, quality, and exceptional service experience.About TMUS Global Solutions:TMUS Global Solutions is a world-class technology powerhouse accelerating the company’s global digital transformation. With a culture built on growth, inclusivity, and global collaboration, the teams here drive innovation at scale, powered by bold thinking.TMUS India Private Limited operates as TMUS Global Solutions.About the Role:The Senior Software Engineer plays a key role in designing, implementing, and securing scalable cloud infrastructure across AWS and Azure environments. This role focuses on developing and automating cloud security solutions, implementing GitOps-driven workflows, managing IAM and identity governance, and deploying secure-by-design systems using modern DevSecOps practices. The engineer will build and manage logging, monitoring, and configuration management pipelines, integrate CNAPP tools like Wiz for threat detection and compliance, auto remediation capabilities and contribute to T-Mobile’s overall cloud security strategy. This individual will also mentor peers, influence architectural decisions, and ensure alignment with T-Mobile’s enterprise security and compliance standards.What You’ll Do:- Design, develop, and implement secure cloud infrastructure and automation pipelines across AWS and Azure. - Build and maintain GitOps-driven workflows for cloud provisioning, configuration, and deployment. - Develop and maintain golden images (e.g., hardened AMIs, Azure VM templates, container base images) to standardize secure deployments. - Implement and manage Identity and Access Management (IAM) policies, roles, and federations for secure access control. - Develop and integrate cloud logging, monitoring, and observability solutions (e.g., CloudWatch, Azure Monitor, ELK, Prometheus). - Use Ansible for configuration management and automation of cloud and security environments. - Deploy and manage Cloud-Native Application Protection Platforms (CNAPP) such as Wiz for risk detection, compliance, and posture management. - Develop infrastructure as code (IaC) using Terraform for consistent and secure resource provisioning. - Write automation and tooling scripts in Python and Go to enhance cloud security and operations. - Collaborate with DevOps, Security, and Application teams to integrate CI/CD and security automation. - Participate in threat modeling, security assessments, and remediation of vulnerabilities. - Document architecture, design decisions, and security configurations. - Mentor junior engineers and foster best practices in cloud security engineering.What You’ll Bring:- Bachelor’s degree in computer science, Engineering, or related field. - 5–8 years of experience in cloud engineering, DevSecOps, or cloud security roles. - Strong hands-on experience with AWS and/or Azure services and architectures. - Proven ability to build, harden, and maintain golden images for servers, containers, and virtual machines. - Deep knowledge of IAM, security policies, roles, and access automation. - Proven experience with GitOps, Terraform, and Ansible for cloud provisioning and configuration management. - Experience building and maintaining cloud monitoring, logging, and alerting frameworks. - Familiarity with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca, etc.) and CSPM/CWPP principles. - Proficiency in at least one modern programming language (e.g., Python, Go) - Experience integrating security into CI/CD pipelines and containerized environments (Docker, Kubernetes). - Strong problem-solving, analytical thinking, and collaboration skills. - Excellent written and verbal communication skills.Must Have Skills:- Cloud security engineering, GitOps, IAM, Terraform, Ansible, CNAPP (e.g., Wiz. Prisma Cloud), Python/Go scripting, Cloud logging & monitoring, golden image creation, and CI/CD integration.Nice To Have:- Experience with policy-as-code and compliance automation frameworks. - Knowledge of network security principles, including firewalls, VPCs, and service mesh. - Familiarity with DevSecOps, Zero Trust, and security observability frameworks. - Exposure to GenAI tools or security automation through machine learning (nice to have).
Job Title
Sr. Engineer, Software (Cloud Security) [T500-22443]