When you join Verizon

Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.
The Senior Security Engineer is part of the Verizon Cyber Defense Engineering team protecting Verizon against cyber threats. This Senior Security Engineer will serve as an engineering resource responsible for the care and development of content for the Splunk platform. This includes, but is not limited to, data modeling, creating custom dashboards, and writing use cases and runbooks. The Senior Security Engineer will work closely with the various internal towers as well as cross-organizational teams on design, content, and facilitating the use of the system.

  • Supporting, developing, and executing testing of new content rules.
  • Creating signature, behavioral, and statistical content for the TMC.
  • Adding, changing, and removing rules.
  • Documenting additions, deletions, and modifications of content rules.
  • Producing and updating all content-related information in the SIEM platform.
  • Maintaining direct and regular interaction with the TMC and organizational stakeholders to enhance content across the platforms, and mature the security program, based on risk posture, threat landscape, and changing business requirements.
  • Developing and delivering regular training sessions for the TMC on content.
  • Working with cross-organization teams to evaluate the quality of provided data sources and recommending improvements to the sensing capabilities and coverage.
  • Working with the other security functions to identify and apply Cyber Threat Intelligence from internal and external sources to the existing Content Library.
  • Supporting the technical security and engineering design review for proposed IT infrastructure changes, and understanding how these changes drive adjustments across the content process.
  • Identifying manual work drivers, and making recommendations / providing solutions on how to automate those tasks.

What we’re looking for...

You are active in the threat intelligence community, and are able to apply that knowledge to shape Verizon’s security posture. You are able to understand and solve business problems while managing associated risks and compliance requirements. You are comfortable working without direction and have excellent communication skills.
You’ll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Four or more years of relevant work experience.
  • Three or more years of experience in the information security field working with security content development, SIEM platforms, security events and/or incident analysis.
  • Three or more years of experience with Splunk ES, including development of content, ingestion of feeds, and/or other platform administration functions.
  • Three or more years of experience with scripting / programming languages (Python, Perl, Shell, etc.).

Even better if you have one or more of the following:

  • Bachelor’s degree in relevant field.
  • Professional certifications including CEH, CISSP, SANS GCIA, CISM, or willingness to obtain within 12 months of hire.
  • Experience with development of content, ingestion of feeds, and/or other platform administration functions.
  • Direct experience integrating SIEM with other security platforms / ticket systems.
  • Ability to convey a strong presence, professional image, and deal confidently with complex technical problems.
  • Ability to drive process improvements and identify gaps.
  • Proactive in engaging with customers, client executives and other Verizon teams.
  • Ability to excel in a team, as an individual, in a fast-paced, deadline-driven organization.
  • Experience with other SIEM technologies (e.g. ArcSight).
  • Experience with security products (e.g. CrowdStrike, ThreatStream).
  • Experience in investigating and quantifying long-running trends in the enterprise environment.
  • Knowledge of analyzing security and user behavioral patterns within a corporate environment.
  • Five or more years of experience within the information security field.