What you’ll be doing...

The primary responsibilities of the Security Threat & Risk Analyst as a part of the Verizon Cyber Risk Services - Cyber Risk Program & Verizon Risk Reporting Programs is to perform regular & ongoing cyber threat, risk, and compliance assessments to identify potential threats, risks and compliance issues, devise the strategy and methods for developing and implementing appropriate defenses with countermeasures, remediation, policy & process improvement recommendations to the customer's security & risk posture.

In this role you would provide regular, continuous cyber security, threat, risk and compliance assessments, reports and prioritized recommendations as well as consultative support to assigned client(s). This role will require some travel to occasionally work on-site at customer locations, both domestic and internationally. Verizon leverages other products and services within the Verizon Security Service portfolio, whose goal is the pursuit of providing market-leading security services that reduces risk for our customers. The methodologies, essential practices, and risk intelligence used by these teams have been proven in the industry.

Primary Responsibilities:

  • Provide exceptional delivery of security risk assessments and analytics in order to prepare planned, measurable, and practical corrective actions.
  • Conducts independent assessments of security controls implemented across the customer’s environment in comparison to industry standards and synergistic risk reduction.
  • Through the assessment process, examine the relationship between people, processes, and technology, and their effects on information confidentiality, integrity, and availability.
  • Perform risk identification and provide detailed guidance on mitigation or remediation as well as providing recommendations on security policies and initiatives.
  • Lead formal presentations to deliver assessment results and in a simple, coherent, informative manner, identifying issues that require involvement from upper management.
  • Review risk metrics results and provide input to information security reporting and dashboards.
  • Analyze discovery scan data and vulnerability data to determine unusual use configurations, discovery of aged software, patch validation, and proper identification of high-severity vulnerabilities.
  • Create and maintain a culture of partnership and collaboration to ensure that our customers can respond confidently and appropriately to the rapidly evolving security landscape.
  • Understand how to quantify risk using threat likelihood, implementation state, and business impact variables and then how to prioritize risk initiatives based on business need, compliance requirements, and/or risk reduction.
  • Identify and remove false positive findings and/or downgrade certain vulnerabilities based on Verizon Risk Intelligence.
  • Improving the quality and performance of reporting deliverables by identifying and implementing process and technology improvements, including expanding the use and automation tools and processes.
  • Collaborate with customer stakeholders on key IT and Security projects.
  • Understands the changing nature of the threat landscape and therefore understands the necessity of being able to adapt and respond appropriately to changing requirements and objectives.
  • Develop and communicate plans to address changing threat landscape for assigned client(s).
  • Maintain quality and performance indicators in order to meet service delivery targets and quality goals.
  • Provide incident response support for security events including intrusion detection, malware infections, and denial of service attacks, privileged account misuse and network breaches.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Four or more years of relevant work experience.
  • Three or more years of experience conducting risk assessments based on one or more of the following standards and frameworks: PCI, ISO/IEC 27001/27002, NIST 800 Series, NIST CSF/RMF, etc.
  • Ability to travel up to 50% of the time to conduct on-site assessments, build customer rapport, maintain positive customer relationships, and mitigate issues.
  • Automation scripting experience (for the purpose of parsing data) with python, bash, sql, or other language.

Even better if you have:

  • A degree in Computer Science, Math, Statistics, Data Science, Computer/Electrical Engineering, Information Security (or related field).
  • Experience in behavioral, audit, security, and/or policy compliance analysis.
  • Experience running, managing, and analyzing network and application discovery scan data and vulnerability data to determine unusual use configurations, discovery of aged software, patch validation, and proper identification of high-severity vulnerabilities.
  • Experience in secure internetworking technologies such as firewalls, intrusion detection systems, intrusion prevention systems, VPN’s, wireless, phishing, reputational, and group policies as they relate to the security and risk posture of a client organization.
  • Experience in analyzing application, cloud security, wireless, and mobile device vulnerabilities and developing plans for remediation.
  • Knowledge of cyber threat indicators.
  • A current, active security certification such as CISSP, CISM, CISA, C|EH, C\IH, CRISC, GWAPT or equivalent SANS certification.
  • ITIL, Six Sigma or other equivalent Service Management/Quality Management certification a plus.
  • Experience working in multidisciplinary, high-performance teams/groups.
  • Experience in qualitative and quantitative risk analysis.
  • Ability in public speaking/presentation experience & presence.

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.