What you’ll be doing...

The Product Security team within the Verizon Corporate Information Security (CIS) works to embed security seamlessly into the development lifecycle of technology systems and services. We are looking for an experienced Security Operations Engineer to join our Product Security team.

You will be responsible for the following activities:

  • Collaborate with Ops teams to harden security configuration and ensure up-to-date patch management, and ensure Verizon’s customer-facing products and services remain secure and in compliance.
  • Develop, publish and establish SOPs, processes, policies, checklists for operational security configuration, patch management, vulnerability management etc.
  • Define and automate vulnerability management processes, and implement security policies to address specific vulnerabilities on an ongoing basis.
  • Identify and develop workflow automation to lower identification, response times and eliminate vulnerabilities.
  • Perform and manage vulnerability scans to identify device and system vulnerabilities, and participate in operational planning of vulnerability assessment activities.
  • Act as SME for key security tools, technologies and processes owned by the security team, and troubleshoot, diagnose and resolve hardware, software and system issues.
  • Perform change control and device configuration management activities on all security technologies.
  • Provides management level reporting of all critical intrusion or vulnerability detection tools.
  • Assist in the review, development, testing and implementation of security plans, products and control techniques.

What we’re looking for...

You’ll need to have:

  • Bachelor’s degree in Computer Science, Information Security, Information Systems, Engineering or related work experience.
  • Six or more years of relevant work experience.
  • Experience in performing production operations for a 24/7 environment (SOC, NOC, Operations Center etc).
  • Experience in a security-focused operations role.
  • Experience on network management, network security or endpoint security.
  • Experience with three or more of the following technologies & related tools: Vulnerability Management, Red Teaming, Security Incident Response, Application Security, Cloud Security, Container Security, Intrusion Prevention, Routing and Switching.
  • Willingness to travel.

Even better if you have:

  • A degree.
  • One or more of the following certifications - CEH, CISSP, OCSP, GCIA, GCIH.
  • Ability to possess and maintain a U.S. Government/DoD Clearance.
  • Experience with vulnerability and configuration management/device hardening efforts.
  • Experience with version-control tools such as Git and configuration management tools such as Puppet, Chef, or Ansible.
  • Scripting experience with Perl, Shell, Python, Go or Ruby.
  • Broad vulnerability scanning experience (network, operating system, application, public Cloud, containers).
  • Solid patch management and vulnerability remediation experience.
  • Knowledge and understanding of UNIX / Linux operating systems. Familiarity with common UNIX and Windows utilities, diagnostic and monitoring tools.
  • Knowledge APT actors; their tools, techniques, and procedures.
  • Knowledge of Mitre Att&ckTM and Cyber Kill Chain methods and frameworks.
  • Knowledge of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and DMZ configurations.
  • Knowledgeable of the PCI (Payment Card Industry) data security standard and other regulatory concerns (SOX, FCRA, FISMA, etc.)
  • Knowledge of compliance best practices and knowledge in implementing programs for maintaining compliance for a highly regulated business environment.
  • Experience in implementing security infrastructure in public cloud environments (AWS, GCP, etc.)
  • Experience developing specifications and managing security controls across IAM, authentication, SSO, PKI and key management, asset inventory and tagging, encryption technologies, security hardening, native cloud service hardening, and container security.
  • Experience with IAAS systems administration, automation and orchestration tools.
  • Experience determining newest technologies and processes that create noticeable improvements to the overall security of the system.
  • Experience participating in or leading compliance assessments and audits.
  • Ability to produce and publish quality technical documentation and communicate information to teams, customers, and management.
  • Strong communication, presentation, and leadership skills along with the ability to work in a highly collaborative environment.
  • Good organizational and interpersonal skills.
  • Strong critical thinking and problem solving skills.

22CyberOPS

When you join Verizon...

You’ll have the power to go beyond – doing the work that’s transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you’ll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we’ll go far.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.