What you’ll be doing...

As part of the Compliance team, you will function as a Subject Matter Expert (SME) on security policies and requirements that comply with required laws, regulations, contracts and VZ Corporate policy with a core focus on Verizon's IT Security Requirements and Standards (ITSRs). You’ll be responsible for the overall ownership of the ITSRs’ documents and guidance.

  • Provide overall governance and coordination across all Information Security teams to gather new/revised security requirements that provide guidance and clarification of IT based controls supporting Verizon’s CPI-810 policies and specific compliance initiatives.
  • Create new requirements documentation and provide all project management functions required to usher the revised documents through the executive Security teams for approval and publishing.
  • Review existing security requirements and publish updates at least annually noting any documented changes or that the review process validated existing requirements. Gain executive approval for all changes.
  • Act as the SME and owner/publisher of these security documents using a common framework, such as Confluence, SharePoint, and Web Page, and process and publish new requirements.
  • Coordinate across multiple organizations to deliver security information/control summaries for new security requirements documents and any major revisions to existing security requirements documents.
  • Own and manage all facets and provide IT Security Compliance leadership across the large volume of ITSR documentation.
  • Provide ongoing tracking and overall management of all new/updated ITSR documentation.
  • Act as an overall SME on existing security policies and associated ITSR documents, and translate this information to both technical and non-technical levels.
  • Work across multiple security organizations to gather new and revised security requirements and then translate those requirements into a consistent and cohesive ITSR document or standard to provide increased guidance to the IT teams on the application of CPI-810 or other industry specific compliance requirements (e.g. PCI-DSS).
  • Champion these changes through an effective review process, including approval reviews with senior level security teams and publish the final approved documentation for consumption by all IT teams.
  • Develop and track progress against an annual roadmap of planned ITSR additions and changes.
  • Provide executive level readouts at least quarterly, demonstrating actual versus planned and any major revisions required for business/priority changes.
  • Work with the appropriate finance teams to manage requests for budget items to complete annual roadmap.
  • Work with the CPI-810 governance team to understand upcoming changes and then communicate the associated ITSR impacts.
  • Provide subject matter guidance and support to other IT Security teams with ad-hoc requests for guidance documentation and presentations (e.g. Quick Reference Guides, Security Guidance for recent IT issues, Compliance Communications).
  • Review/contribute to all executive level status updates and periodic security program updates to ensure an accurate and complete message is being conveyed to the executive teams.
  • Act as a SME on security policies, standards and requirements, and provide structured guidance and training across the IT and security teams (e.g. Brown bag sessions).
  • Coordinate development and updates of training programs with the Verizon Learning Development teams.

What we’re looking for...

You’ll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Four or more years of relevant work experience.
  • IT or related experience, such as Information Security, Software Development or Technical Analyst experience.
  • Experience translating technical IT and/or security related information and controls into structured and governed formats.

Even better if you have:

  • Bachelor’s degree in Information Systems or related field.
  • CISA/CISM certification or eligibility to obtain.
  • Experience creating documented IT Security policies and/or requirements.
  • Experience managing policy or control updates within an existing GRC framework.
  • Demonstrated understanding of PCI DSS requirements and how they translate to IT systems.
  • Extremely strong written and verbal communication skills, including the ability to prepare and provide senior leader level project/issue presentations using MS PowerPoint, Visio and Excel.
  • Strong background in information security or another IT based discipline.
  • Strong knowledge of information security fundamentals, best practices and industry standards.
  • Demonstrated project management, requirements analysis and technical writing skills.
  • Demonstrated understanding of the IT SDLC processes, both agile and traditional.
  • Demonstrated ability to work collaboratively across various technical and project management organizations including all levels of leadership.
  • Excellent technical/project related problem solving skills.
  • Demonstrated understanding of corporate security policies and how they apply across an IT portfolio.
  • Experience providing complex technical procedural documentation and guidelines, including a proven ability to translate very technical IT concepts successfully across both technical and non-technical audiences.
  • Working knowledge of NIST CSF.

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.