What you’ll be doing...

Are you ready to upgrade your career in security?

At Verizon we believe technology should help you achieve more. And we help businesses do exactly that almost daily — co-creating innovative connected products, rapidly and securely deploying apps in the cloud, managing employee-owned devices on a global scale, and deflecting sophisticated hacker attacks. In support of our world leading position in Cyber Security, we have recently launched a new service, the Computer Emergency Response Team (CERT).

Our newly offered service will constitute of a designated CSIRT Consultant full time or as a shared resource, who will work as a contact and communications point between our security services team and customers’ security and IT staff as well as users and other important stakeholders. You will also be responsible for operating the incident management process in accordance with the procedures designed in cooperation with customer.

Responsibilities:

  • Receive and monitor incident information from Verizon managed security services and other sources.
  • Review the collected incident data and confirm or reject incidents based on the analysis.
  • Classify and prioritize incidents based on established criteria.
  • Facilitate communication between stakeholders of the status of the incident.
  • Coordinate the mitigation effort based on the available information and established processes.

Additional Responsibilities:

  • Make mitigation decisions and facilitate decision making by other parties using established escalation process.
  • Communicate with the affected users and stakeholders to organize the mitigation effort.
  • Verify the effectiveness of mitigation actions taken.
  • Identify the attack vector of used by incident and confirm take actions to confirm that similar incidents are prevented in the future.
  • Validate the effectiveness of the eradication actions.
  • Coordinate forensics activities with relevant teams if necessary.
  • Coordinate the recovery actions.
  • Confirm that the recovery effort was successful.
  • Confirm that all temporary mitigation efforts have been removed.
  • Update stakeholders on the status of the recovery effort; Conduct a root cause analysis for the incident.
  • Communicate the results of the root cause analysis to Customer and stakeholders to prevent similar incidents in the future.
  • Analyze the incident response effort, with feedback from Customer and third parties. Identify and analyze any mistakes as well as good decisions done during response process.
  • Use the results of the analysis as an input for improvements, such as incident response.
  • Proactive management of Monitoring and Analytics solution.
  • Help develop operational metrics to illustrate risk reduction over time.
  • SPOC in case of technical escalations.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree in Computer Science or four or more years of work experience.
  • Four or more years of relevant work experience.
  • Strong passion for cyber security.
  • Three or more years’ of experience in a dedicated security position.
  • Two or more years of experience in security operations, risk management, operational management, and/or consultant management.
  • Strong communication skills and ability to engage with customers at both technical and executive levels.
  • Clear and concise written and oral communication skills, including the ability to produce professional-level documentation.
  • Strong problem-solving and security analytics skills; abilityto identify gaps in processes and recommend improvements for mitigation.
  • Strong leadership skills and a proactive approach to customer issues.
  • Ability to excel in dynamic environments.
  • Strong knowledge of common types of web attacks, their attack vectors, how to detect and mitigate them.
  • Knowledge with the current OWASP Top 10 and how they are generally used.

Even better if you have:

  • A degree.
  • Strong skills on WAF management, preferably ModSecurity.
  • Basic skill on Python and Regex.
  • Strong log analytics skills.
  • SANS or other Security certifications, such as GCIA, GCIH, GREM, GPEN, CEH.
  • CISSP Certification.
  • ITIL Foundations training / certification.
  • Knowledge of ISO 27001 requirements.
  • Experience in Security Operation Centre (SOC) processes.
  • Knowledge of common types of malware, their infection vectors, how identify them using network and host based tools, how to eradicate them and verify the success of eradication efforts.
  • Knowledge of current security threats and vulnerabilities, how to detect and mitigate them, ability to understand their possible consequences on the customer’s environment.
  • Knowledge of modern technologies used to detect and deter attacks, malware and vulnerabilities and protect assets.
  • Knowledge of modern network and cloud technologies.

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.