MoveTheWorldForwardTogether

When you join Verizon

Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

*Open to remote location, candidate dependent*

The Executive Lead - Platform Security is a critical member of the CISO leadership team, focused on enabling the secure delivery of products and platforms; working with Verizon technology leaders and partners. We are looking for a transformational business leader that inspires creativity, and strong competency in setting strategy for cyber security for consumer and enterprise products. The Platform Security Leader shall have significant working security experience, knowledge and accreditation in the design, implementation and operation of security programs and controls in the following areas:

Agile & DevOps Methodologies – Deep understanding of or experience as a contributing member of a balanced team within an Agile development or DevOps environment. Focus on security-as-code and continuous compliance practices.

Application Security - Experience with the design of security controls for business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging.

Infrastructure Security – Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions.

Cloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud based solutions

Operational Security – Experience with defining operational models and procedures for business solutions including the operation and maintenance of infrastructure and application security controls.

Information Security Standards and Frameworks – Knowledge of common information security standards such as: ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls.

The Platform Security Leader will oversee a team of security professionals responsible for:

Platform Security Strategy:

  • Develop, implement and operationalize product and service security strategy
  • Govern and enforce the effective implementation of product security practices
  • Design, implement and manage a scalable platform of product security services
  • Work closely with key stakeholders including engineers and product managers to pragmatically and quickly bring to market new products and enhancements to existing products and provide thought leadership on improving security posture and customer expectations

Developer Enablement:

  • Develop and implement across the organization a secure DevOps model as it relates to product code and delivery, including package signing, transmittal, etc.
  • Provide training, coaching, and expert consultation in secure development practices to the business and development teams

Products Security Review:

  • Establish and lead a team of reviewers to conduct security reviews of digital and cloud products to provide “advisory services”, guidance and support.
  • Support product regulatory compliance efforts
  • Lead team of advanced penetration testers to perform testing on product portfolio
  • Coordinate and track remediation of significant product review findings

Products Security Incident Monitoring and Coordination:

  • Work with Cyber Defense team, Fraud and other security monitoring teams to establish appropriate logging and monitoring of threat activity
  • Coordinate response to product security incidents

What we’re looking for...

  • 15+ years security experience; preferably in securing new products and cloud platforms; with at least six years in a significant leadership role
  • 10+ years people management with a proven track record of building, training, and developing a high-performing team; ability to lead and motivate an organization of security professions to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist
  • 5+ years experience implementing threat modeling programs and performing threat modeling on cloud products
  • Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization; proven leadership in advanced information systems combined with broad business acumen, which extends beyond the functional responsibilities of the role
  • A thorough understanding of industry best practices in information security
  • Experience assessing digital and cloud products to meet regulatory, legal and risk requirements
  • Experience working on cross-functional teams including engineering, products teams, legal and security
  • Experience performing risk and threat assessments as part of product development
  • Extensive exposure and experience with communicating and presenting to executive stakeholders including engineering, legal and C-suites.
  • Extensive experience with agile methodology development
  • Experience with regulatory standards such as DFARS, CJIS, NYDFS
  • 10+ years of experience with leading information security frameworks such as ISO27001/2, NIST 800-53, NIST CSF, FedRamp, FISMA
  • Experience effectively prioritizing work, juggling competing priorities and meeting deadlines in a fast-paced environment
  • Bachelor’s degree in Security Engineering, Information Technology or Computer Science or equivalent work experience; Master’s Degree in a technical discipline is preferred.

22CyberNET

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best.Check out our diversity and inclusion page to learn more.