What you’ll be doing...

At Verizon we believe technology should help you achieve more. And we help businesses do exactly that almost daily: co-creating innovative connected products, rapidly and securely deploying apps in the cloud, managing employee-owned devices on a global scale, and deflecting sophisticated hacker attacks. In support of our world-leading position in Cyber Security, we have a service, the Computer Security Incident Response Team (CSIRT).

Verizon’s service will consist of designated Security Incident Responders, full time or as a shared resource, who will work with Verizon’s security services teams and Customer’s security and IT staff as well as users and other important stakeholders. The Security Incident Responder will be working within the incident and change management process in accordance with the procedures designed in cooperation with the Customer.

The Security Incident Responder is an expert in the field of security incident response. Successful candidates typically have 3-5 years of information security experience with strong focus on Incident Response as well as technical certifications to reinforce their practical experience. The Security Incident Responder has strong coordination, communication and collaboration skills as well as a good technical and architectural understanding.

On a day-to-day basis the Security Incident Responder will assist with identifying and responding to incidents as well as proactively propose improvements for how to reduce risk and potential future incidents.

Duties:

  • Receive and monitor incident information from Verizon managed security services and other sources;
  • Review the collected incident data and confirm or reject incidents based on the analysis;
  • Classify and prioritize incidents based on established criteria;
  • Facilitate communication between stakeholders on the status of the incident;
  • Coordinate the containment effort based on the available information and established processes;
  • Participate in the Change Management process by reviewing changes for any possible security impact.

Additional Duties:

  • Make containment decisions and facilitate decision making by other parties using established escalation process;
  • Communicate with the affected users and stakeholders to organize the containment effort;
  • Verify the effectiveness of containment actions taken;
  • Identify the attack vector used and take action to confirm that similar incidents are prevented in the future;
  • Validate the effectiveness of the eradication actions;
  • Coordinate forensics activities with relevant teams if necessary;
  • Coordinate the recovery actions;
  • Confirm that the recovery effort was successful;
  • Confirm that all temporary containment efforts have been removed;
  • Update stakeholders on the status of the recovery effort;
  • Conduct a root cause analysis for the incident;
  • Communicate the results of the root cause analysis to Customer and stakeholders to prevent similar incidents in the future;
  • Analyze the incident response effort, with feedback from Customer and third parties. Identify and analyze any mistakes made as well as good decisions taken during the response process;
  • Use the results of the analysis as an input for improvements, such as incident response;
  • Proactive management of Monitoring and Analytics solution;
  • Help develop operational metrics to illustrate risk reduction over time;
  • SPOC in case of technical escalations;
  • Understand the overall security requirements from the Customer: what is (not) allowed inside the environment? Apply that knowledge by assessing changes being requested to the technical infrastructure.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree in Computer Science or related field, plus at least 3-5 years’ experience in a dedicated security position;
  • 2 years of experience in security operations, risk management, operational management, and/or consultant management;
  • Strong communication skills and ability to engage with customers at both technical and executive levels;
  • Clear and concise written and oral Dutch & English, including the ability to produce professional-level documentation;
  • Strong problem-solving and security analytics skills, able to identify gaps in processes and recommend improvements for mitigation;
  • Strong leadership skills and a proactive approach to customer issues;
  • Ability to excel in high pressure environments.

Even better if you have:

  • Strong SIEM (SPLUNK, QRadar,…) and log analytics skills;
  • SANS or other Security certifications, such as GCIA, GCIH, GREM, GPEN, CEH;
  • CISSP Certification;
  • ITIL Foundations training / certification;
  • Knowledge of ISO 27001 requirements;
  • Experience in Security Operation Centre (SOC) processes;
  • Knowledge of common types of malware, their infection vectors, how to identify them using network- and host-based tools, how to eradicate them and verify the success of eradication efforts;
  • Knowledge of current security threats and vulnerabilities, how to detect and mitigate them, ability to understand their possible consequences on the customer’s environment;
  • Understanding of modern technologies used to detect malware and vulnerabilities and protect assets;
  • Understanding of modern network and cloud technologies.

When you join Verizon...

You’ll have the power to go beyond – doing the work that’s transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you’ll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we’ll go far.