What you’ll be doing...

At Verizon, we’re seeking highly technical cloud computing security experts who can analyze, validate and consult on implementation corrective actions to work on minimizing cloud security risk in our multi-cloud environments.

As a member of Verizon’s Cloud Security Integration Services organization you will support the team in its goals of embracing cloud based technologies across multiple providers (Amazon AWS, Oracle OCI, Google GCP, etc.) supporting differing service implementations (IaaS, SaaS, PaaS).Cloud Security Operationsteam requires security skilled staff to support the demands of the business and to care for our customer base.

As a Senior Cloud Security Engineer, you will be a strategic contributor in information security, problem solving and relationship management to lead internal programs aimed at: achieving certification and attestation ofmulti-cloud platformsagainst Verizon security policies, industry standards and regulations, and government regulations, identifying and mitigating security risks in our cloud deployments; ensuring security alignment to corporate policies; and balancing security requirements with the dynamic needs of our users and the values of our company.In this role you will gain valuable experience and insight in protecting Verizon’s multiple cloud environments and will be at the heart of guarding our data and applications against advanced threat adversaries.

Passion and excitement for cloud security and the willingness to learn and build as much knowledge as possible in a fast-paced dynamic environment. Are you up for the challenge?

Responsibilities:

  • Become proficient with corporate and industry security requirements/best practices
  • Stay current on cloud security policies, standards, regulations making recommendations for the company
  • Work closelyand collaborativelywith Information Security Officers (ISOs), IT Portfolios, and Business units to support their needs
  • Act as an advocate of information security policies, standards, controls and as an enabler to the business while managing risk appropriately
  • Manage cloud security products (i.e. Cloud Conformity, Evident.io, Dome9, Redlock.io, etc.)
    • Manage addition/deletion of cloud accounts, ensuring continuous monitoring
    • User administration
    • Signature management and tuning
    • Assist customers with solution integration features
    • Produce reports, scorecards and related metrics
    • Manage vendor(s) to meet the needs of the business
  • Keep stakeholders updated with communications and weekly reporting.
  • Drive mitigation of reported risks from continuous monitoring solutions
  • Track and report on the status of cloud security risks to corporate/industry requirements.
  • Gain deep security-level knowledge of cloud environments, continuous monitoring solutions tounderstand and provide direct guidance for security remediation activities.
  • Partner with enterprise teams to establish preventative controls to support security needs via automation.
  • Act as a focal point in the implementation & delivery of a formalized information security awareness offerings
  • Represent the Security Operations team with various stakeholders including: Infrastructure, Network, Development, Governance, Legal, Security Automation to drive remediation of identified risks, endorse preventative solutions gather requirements, and influence stakeholders to reduce risk and maintain security alignment to corporate and or industry requirements.
  • Maintain strong awareness of cloud security incidents in the external community to identify threats and opportunities for enhancement. Apply those learnings to Cloud Security Operations program and associated solutions.
  • Lead cloud threatintelligence program, responsible for gathering the necessary security intelligence, ensure correlation of threat intelligence with Verizon systems, analyze the resulting threat from the relevant information and then formulate actionable responses and threat mitigation to ensure the protection of Verizon's systems, customer information and brand.
  • Lead evaluation, recommendation, implementation and support third party cloud security ecosystem tools. Examples include:Cloud Conformity, Evident.io, Dome9, Redlock.io, Cloud Custodian,etc.
  • Analyze and recommend cloud cost savings to reduce overall spend
  • Support annual renewal and budgeting needs
  • Provide technical mentoring and knowledge transfer to members of the team.
  • Perform all other duties as assigned.

What we’re looking for...

You'll Need to Have:

  • Bachelor’s degree or four or more years of work experience.
  • Six or more years of relevant work experience.

Even Better if You Have:

  • Master’s degree in Information Technology and or Security
  • Two or more years of experience with AWS/Public Cloud
  • AWS/Public CloudCertified (e.g. Solution Architect Associate Certification)
  • Eight or more years of experience in Security, Compliance and risk management, including privacy, controls, etc.
  • One of more of the following certifications:Google Cloud Certified (GCP) Associate Cloud Engineer (ACE),Oracle Cloud Infrastructure(OCI) Certified Architect Associate (CAA),AWS Certified Solutions Architect – professional, AWS Certified Security – Specialty, CSA Certificate of Cloud Security Knowledge (CCSK), ISC2 Certified Cloud Security Professional (CCSP).
  • Cloud Computing
    • Demonstratedknowledge of multi-cloud platforms (AWS, GCP, Azure, OCI, etc.) to be able to identify and prioritize potential security challenges
    • Demonstrated experience of Infrastructure as a Service (IaaS) cloud platforms, such as: IAM, compute (i.e. EC2, GCE), storage (volume/object), networking (VPC, VCN, Load Balancers, Security Groups/List, NACLs), serverless (i.e. Lambda) etc.
    • Firm understanding of cloud console(s) navigation and CLI execution to research and query/validate potential security risks and of security violations.
    • Knowledge with native cloud security services AWS Trusted Advisor, Amazon Inspector/Google Cloud Security Scanner, AWS Configuration
  • Security Compliance Skills
    • Familiarity with security frameworks CSA, NIST, CIS, PCI DSS, etc.
    • Technical skills to identify and assess cloud security vulnerabilities and risks
    • Expertise in researching & evaluating identified vulnerabilities and riskspose to the organization’s information and systems
    • Ability clearly explain identified risks and recommended remediation
    • Produce and communicate appropriate reporting & metrics to stakeholders (owners)
  • Cloud Security Continuous Monitoring Solutions
    • Demonstrated experience in administration/management of continuous monitoring solutions
      • Account Management: adding/removing cloud accounts
      • Signature Management: tuning of signatures, authoring / deployment of custom signatures
      • Manage continuous monitoring vendors to deliver on the needs of the business
  • Expertise with Jenkins, JIRA, Confluence
  • Understanding of containerization (Docker, Kubernetes, Elastic Container Service) and best practices to secure registries, images, workloads, etc.
  • Ability to clearly communicate technical concepts to all audiences
  • Performance oriented, self-directed ability to drive change & manage multiple projects
  • Appropriate escalation judgement & execution
  • High collaboration and influence skills

22CyberNET

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.