What you’ll be doing...

As our Penetration Testing and Red Team Manager (Manager, Penetration Testing and Red Teaming) you will report to the Corporate Information Security (CIS) Director of Security Operations and will be responsible for leading and managing the delivery of penetration testing and red teaming services across the Verizon enterprise and business units. You will be responsible for the establishment, maintenance and execution testing standards, processes, procedures, and operations to support the security testing needs of applications, platforms, technologies, processes and systems to identify vulnerabilities and weaknesses that can be exploited by threat actors.

As the Manager, Penetration Testing and Red Teaming, you will be able to translate the Penetration Testing and Red Teaming delivery strategy into actionable and measurable activities and have sound technical and managerial skills to ensure that the identified activities are effectively executed to meet Verizon business goals. Specifically, the successful candidate will possess an effective aptitude in security of operating systems, networking and protocols, firewalls, databases and middleware applications, forensics, and scripting and programing with the ability to lead technical testing experts and effectively translate highly technical information to CIS internal customers in a way that supports CIS and broader Verizon goals.

You will maintain processes and management services to ensure the ability of Verizon internal consumers to effectively engage the enterprise testing teams to request and receive testing services to support business objectives that support established service level agreements (SLAs) and operating level agreements (OLAs). You will maintain the single front door process to provide a consistent experience for engagement of Verizon internal consumers and consistent, repeatable results consistent with Verizon policy. Also, you will ensure that quality assurance processes are maintained to assess and improve enterprise testing service delivery and to assess delivery of testing services within the broader Verizon enterprise.

You will be responsible for establishing a Penetration Testing and Red Teaming Center of Excellence. To support the effective establishment of the COE, you will 1) develop a clear enterprise vision and approach to engaging and delivering penetration testing and red teaming, 2) establish and foster partnership and trust between the testing teams and business, 3) integrate process optimization and innovative engineering efforts, 4) develop and promote best practices as enterprise standards, 5) establish capabilities to provide technical guidance to support standards adoption and quality control, and 6) drive process maturity within the organization by aligning short-term business unit needs with Verizon log-term enterprise goals.

  • Lead the enterprise-wide penetration testing and red teaming capabilities by setting the vision and establishing direction to identify material risks and vulnerabilities based on cutting edge tools, tactics and protocols in use by potential threat actors.
  • Build and maintain relationships with other IT, network, and security leaders to develop a clear understanding of business needs; ensure cost-effective delivery of penetration testing and red teaming services to meet those needs, and is able to respond with agility to changing business priorities.
  • Direct and oversee the penetration testing and red teaming center of excellence to develop and promote best practices and standards, innovate and optimize testing capabilities, and drive maturity and transparency across the enterprise security testing landscape.
  • Maintain and oversee the execution of the coordinated enterprise-level Verizon red teaming exercise program that effectively tests system and process security controls and response procedures to help mature Verizon security posture against simulated real-world threats.
  • Work effectively with business units to facilitate security penetration testing and red team assessments to support new system testing, vulnerability remediation, post-incident remediation validation, and proactive identification of threats and vulnerabilities to support operational risk assessment and management processes and efforts.
  • Manage the cost-efficient delivery of penetration testing and red teaming services within an organizational structure potentially consisting of direct reports and dotted line reports. This includes ensuring hiring, training, staff development, performance management, and annual performance reviews are aligned and effectively executed to continue to grow the skills and capabilities in accordance with Verizon’s strategic needs.
  • Build the necessary internal relationships and communication networks among the broader information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure continued alignment as required.
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.

What we’re looking for...

You’ll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Six or more years of relevant work experience.

Even better if you have:

  • Bachelor’s degree in Engineering or Information Technology. Ideally, your Master’s degree in a technical discipline.
  • Six or more years of experience in a combination of penetration testing and red teaming security operations (at least four in a significant leadership role).
  • Proven track record and experience in effective penetration testing and red teaming, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment.
  • Ability to be a strategic people leader and proven capability to energize the appropriate teams in the organization; proven leadership in advanced information systems combined with broad business acumen.
  • Proven track record of building, training, and developing a high-performing team; ability to lead and motivate the team to achieve tactical and strategic goals.
  • Demonstrated excellent written and verbal communication skills, interpersonal and collaborative skills, and the capability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
  • Demonstrated ability to be a critical thinker with strong problem-solving skills; demonstrated excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well and thrive in a demanding, dynamic environment and meet overall objectives.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
  • Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Offensive Security Certified Professional (OCSP) or other similar credentials.
  • Project management skills: financial/budget management, scheduling and resource management.
  • Experience with contract and vendor negotiations.

22CyberOPS

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.