Analyst, Cybersecurity Policy and Compliance – Government

T-Mobile

Description:

At T-Mobile, we invest in YOU!  Our Total Rewards Package ensures that employees get the same big love we give our customers.  All team members receive a competitive base salary and compensation package – this is Total Rewards. Employees enjoy multiple wealth-building opportunities through our annual stock grant, employee stock purchase plan, 401(k), and access to free, year-round money coaches. That’s how we’re UNSTOPPABLE for our employees!

This is a hybrid role (3/2) and can be worked in Overland Park, KS, Bellevue, WA, Atlanta, GA, Frisco, TX or Reston, VA.

Are you ready to make a difference in the world of Wireless Security? Then come join our team as our latest Analyst, Cybersecurity Policy and Compliance! As a member of the Cybersecurity Policy and Compliance – Government team, you have the unique opportunity to have direct and measureable impact on T-Mobile’s compliance with regulatory, contractual requirements, and security policies.

You will be instrumental in enabling T-Mobile’s compliance to various regulations and audits such as: Cybersecurity Maturity Model Certification (CMMC), NIST 800-171 and various federal, state and local government contractual obligations.

This individual will represent government compliance in support of the business and technology organizations. Translate regulatory and contractual requirements into process and system impacts and functional requirements designed to ensure operational compliance. Work to document the accreditation boundary, develop controls, conduct effectiveness testing, and support audit activities. They will identify and manage remediation activities, prepared reports, provide input to compliance strategies, propose security tools, and process changes. Build strong working relationships and partnerships within own organization and across technology and business teams; optimally communicate the status, risks, and issues associated with the compliance program.

Responsibilities:

  • Works with multi-functional groups and staff in the creation and testing of procedures, standard or regulatory controls to ensure the security and privacy of information on T-Mobile’s Network. Develops and maintains SSP and POAMs
  • Participate in information security review of new technologies, designs, and remediation planning efforts.
  • Serves as liaison between Cybersecurity, IT Operations, engineering, upper management and department representatives to further the adoption of and support for compliance plans, procedures, and regulatory controls.
  • In collaboration with our partners, evaluate complex technologies, systems, processes and controls to identify security risks and compliance gaps; work jointly with partner teams for resolution; handle escalations and resulting timelines to ensure compliance
  • Investigates potential compliance failures, identifying security needs and recommends plans/resolutions. Implements, tests and monitors cybersecurity compliance improvements
  • Supports the collection and documentation of an accurate inventory of technology, processes and people that are required to align with regulations, industry standards, and company policies
  • Contribute to security projects driven by groups both internal and external to info security.
  • Also responsible for other Duties/Projects as assigned by business management as needed.

Highly Desired Qualifications:

  • Experience or knowledge of Coding/Scripting
  • Experience with IT governance, compliance, risk and audit programs
  • Previous experience with CMMC, NIST 800-171 compliance or similar compliance activities such as SOX, PCI, etc.
  • Experience supporting audits and assessments
  • IT security control development, control testing, risk remediation, and reporting
  • Knowledge of IT or Network technology
  • Experience with one or more of the following: MS Office, SIEM, Archer, ServiceNow

Qualifications:

  • Bachelor’s Degree in Computer Science or Information Technology, or equivalent experience
  • 2-4 years’ experience in security technology or related field
  • U. S. Citizenship
  • Knowledge, skills and abilities: Communication, Security, ITIL (preferred) and NIST frameworks (preferred)
  • Licenses and certifications: CISM, CISSP and CISA are preferred
  • Understand/solve problems
  • Use technology/instruments/tools/information systems
  • Adapt to frequent interruptions, changes in priorities and/or work locations
  • Articulate/Comprehend verbal and written information
  • Work under specific instruction
  • Plan, prioritize, and structure daily activities
  • Interact with others in a manner appropriate to the situation
  • At least 18 years of age
  • Legally authorized to work in the United States