When you join Verizon

Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

*Open to remote employment, candidate dependent*

The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.

The Director of Cyber Defense Engineering will be a key member of the CISO organization, with primary focus on ensuring Verizon’s defensive technologies are managed to world class levels. The selected candidate will lead a team of engineers to develop, enable and tune real time tactical and progressive strategic threat detection capabilities. In order to be successful in this role, the leader must have a keen understanding of the evolving cyber landscape, inspire creativity, and exceptional ability to encourage and empower the teams to excel in the mission.

Key capabilities and/or attributes that will be required are:

  • Threat Detection Engineering
  • Develop signature based threat detection
  • Author detection rules and configurations
  • Creation and tuning of cyber detection logic
  • SOAR rule management; with background in full S-SDLC processes to enable production level event correlations and actions with appropriate testing and evaluations.
  • Engineering mindset with business focus
  • Proven capability to inspire creativity
  • Strong partnership and collaboration as this will be a service support team for the Threat Management teams
  • Ability to execute on projects and plans to ensure key deliverables are met and maintained.
  • Insight and background on IOCs and TTPs of most prevalent threat actors to ensure that all tools supported (SIEMs, SOAR, ML/AI analytical data lakes, etc.)
  • Ability to build, grow, develop, and oversee the Threat Detection team,
  • Acquire and retain cyber talent with a focus on development and training.
  • Maintaining strong partnerships with Red team, Intelligence team, Fraud team and peers from GN&T, VMG
  • Support & maintain cyber defense tools management
  • Engineer and operate Cyber Defense Security tools; while partnering with CIS Architecture team to continuously enhance the program

The Cyber Defense Engineering Leader will oversee a team of security professionals responsible for:

Threat Detection Engineering

  • Apply / Recommend network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth) to drive cyber defense and monitoring enhancements
  • Enhance Splunk Enterprise Security (ES) use cases by identifying and collecting machine and non-machine data sets to assist in identifying potential threats and malicious behavior
  • Assess, prioritize and communicate risks and urgency to leadership and engineering teams
  • Maintain a program to continue to develop and enhance threat detection (using cyber kill chain / MITRE ATT&CK framework) and expand coverage (across applications, products,
  • Partner with Threat Intelligence, SOC’s and other internal and external partners to determine high fidelity indicators that can transform into real time threat detection alerts.
  • Author detection rules and configurations (including CASB, Cloud, etc rules def)
  • Evolve ML/AI Development & Integration in support of threat detection  
  • Maintain a program to tune detection logic

SOAR creation and integration

  • Establish and driving a program for enhancing security orchestration, automation and response (SOAR)

Cyber Defense Reporting & Metrics

  • Produce metrics of risk and performance indicators, such as:
  • Attack trends, Impact trends
  • Performance of detection solutions
  • Efficiency / efficiency gains resulting from use of security orchestration, automation and response (SOAR)

What we’re looking for...

  • 15+ years cyber security experience; preferably in fast paced, high volume, growth environments with both on premise and cloud infrastructures; with at least six years in a significant leadership role
  • 10+ years people management with a proven track record of building, training, and developing a high-performing team; ability to lead and motivate an organization of security professions to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist
  • 5+ years’ experience implementing/supporting threat management programs and tools.
  • 5+ years’ experience in tactical support roles requiring rapid response in support of the business.
  • Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization; proven leadership in advanced information systems combined with broad business acumen, which extends beyond the functional responsibilities of the role
  • A thorough understanding of industry best practices in information security
  • Experience assessing cyber threats and vectors to ensure detection and automated response capabilities are able to rapidly mitigate potential threats.
  • Experience working on cross-functional teams including engineering, products teams, legal and security
  • Experience performing risk and threat assessments as part of product development
  • Experience effectively prioritizing work, juggling competing priorities and meeting deadlines in a fast-paced environment
  • Bachelor’s degree in Security Engineering, Information Technology or Computer Science or equivalent work experience; Master’s Degree in a technical discipline is preferred


Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best.Check out our diversity and inclusion page to learn more.