What you’ll be doing...

Verizon Connect is looking for a Manager of Product Security. This role will have management responsibility for developing and implementing a comprehensive enterprise cyber security engineering program that includes the oversight and execution of the application security and process engineering discipline. This role is responsible for oversight of the Security Systems Lifecycle Management process including identification of inefficiencies and vulnerabilities within development processes consistent with architecture & engineering goals, industry standards, and technology resources. The ideal candidate possesses a unique blend of project management and technical skill. The candidate will lead and drive implementation of industry leading tools to better enable secure development process, develop security workflow automation and focus on remediation management efforts.

Key Areas of Responsibility:

    • Responsible for development, oversight of implementation and ongoing operation of Security Systems Development Lifecycle Management
    • Mentor, coach, develop and support team members of the Product Security group
    • Collaborate and partner with other Security and Technology leaders
    • Develop strategy and direction for the global Security Systems Lifecycle Management process
    • Provide security training and oversight for key technology and development organizations.
    • Development of sound security policies and procedures around secure engineering at product level;
    • Participate in security projects;
    • Develop expertise to function as subject matter expert in multiple technical or business disciplines;
    • Ensure all products are tested to best practice standards and on time with results posted to the ticketing system within the secure engineering defined timeframes.
    • Ensure that all documentation and vulnerability reporting is clear and concise for the purpose of resolution by the resolving party.
    • Ensure the functionality and uptime of all in production systems.
    • Ensure full support of security incidents where required including incident analysis, log analysis, end point assessment and working with leading edge IDS and firewall systems.

      Basic Qualifications:

      • The individual must have 2+ years experience in a management role;
      • The individual must have 3+ years’ experience in a application security and/or penetration testing role with incident response involvement;
      • A strong understanding of information and cyber security principles and best practices
      • Strong knowledge of Operating System, web server and database vulnerabilities and secure configuration settings;
      • Working knowledge of the principles of implementation and operation and experience with security technology such as static code analysis, dynamic code analysis, web application firewalls, etc.
      • Strong knowledge of threats and vulnerabilities associated with application and network security;
      • Understanding of current, popular attack vectors including phishing, drive-by downloads, exploit kits, and server exploitation;
      • Strong understanding of common security threats with the ability to assess and analyse root cause, potential incident path and scope and suggested remediation paths.
      • Strong knowledge of OWASP, CVSS and current security developments;
      • Ability to create and maintain technical documentation;
      • Demonstrated ability to work effectively in an ambiguous environment;
      • Demonstrated ability to work across geographical locations;
      • General knowledge of encryption techniques include key management;
      • General knowledge of system and network forensic tools and techniques;
      • Strong oral and written communications skills;
      • BS or advanced degree in computer science or related discipline preferred;
    • Preferred/Optional Skills:

      • OSCP, OSCE, SANS GCIH and GPEN/GXPN and other security related certifications a plus.
    • Education:

      Bachelors in computer science, engineering, or related technical field desired

What we’re looking for...

Basic Qualifications:

    • The individual must have 2+ years experience in a management role;
    • The individual must have 3+ years’ experience in a application security and/or penetration testing role with incident response involvement;
    • A strong understanding of information and cyber security principles and best practices
    • Strong knowledge of Operating System, web server and database vulnerabilities and secure configuration settings;
    • Working knowledge of the principles of implementation and operation and experience with security technology such as static code analysis, dynamic code analysis, web application firewalls, etc.
    • Strong knowledge of threats and vulnerabilities associated with application and network security;
    • Understanding of current, popular attack vectors including phishing, drive-by downloads, exploit kits, and server exploitation;
    • Strong understanding of common security threats with the ability to assess and analyse root cause, potential incident path and scope and suggested remediation paths.
    • Strong knowledge of OWASP, CVSS and current security developments;
    • Ability to create and maintain technical documentation;
    • Demonstrated ability to work effectively in an ambiguous environment;
    • Demonstrated ability to work across geographical locations;
    • General knowledge of encryption techniques include key management;
    • General knowledge of system and network forensic tools and techniques;
    • Strong oral and written communications skills;
    • BS or advanced degree in computer science or related discipline preferred;

Preferred/Optional Skills:

    • OSCP, OSCE, SANS GCIH and GPEN/GXPN and other security related certifications a plus.

Education:

Bachelors in computer science, engineering, or related technical field desired

VZConnect

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.