Move the World Forward Together

When you join Verizon

Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.

The Verizon IR team is a group of full-time security engineers & analysts who collect, analyze and act upon information from an incident. They are the focal point of the incident, and are responsible for communicating with other stakeholders within Verizon and external parties such as legal counsel, law enforcement, affected customers, etc.

The Cyber Threat Hunter role provides an opportunity to work in a fast-paced, collaborative environment defending Verizon from current and future cyber threats. This position plays a critical role in Verizon’s enterprise computing defense. Threat Hunters must be agile, willing to learn and teach others, and able to think outside of the box in order to operate effectively in an ever-changing threat landscape.

Responsibilities:

  • Hunt for and identify threat actor groups and their techniques, tools, and processes.
  • Participate in "hunt missions" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors.
  • Provide analytic investigative support of complex security incidents.
  • Perform analysis of security incidents for further enhancement of alert catalog.
  • Continuously improve processes for use across multiple detection sets for more efficient operations.
  • Utilizes and adheres to defined workflow and processes driving Threat Hunts and mitigation efforts.
  • Escalates and hands off to TMC teams and leadership based on defined threat and priority determination.
  • Characterize suspicious behaviors and be able to identify traits, C2, and develop network and host-based IOCs or IOAs.
  • Leverages a series of tools, techniques, and capacities to support hunting activities.
  • Documents results of threat hunt analysis and subsequent detection, potential remediation, and recovery in an effective and consistent manner.
  • Produces threat hunt specific metrics and key performance indicators for executive review.
  • Contributes to strategic and tactical direction on threat hunt initiatives.
  • Experience with industry taxonomies like Cyber Kill Chain, MITRE’s ATT&CK, MITRE’s CAPEC, MITRE’s CAR, NIST, CIF, SANS and/or STIX 2.0.
  • Knowledge of query structures like Regular Expressions, YARA and SIGMA rules, AQL and KQL types.
  • Provides Training and Mentoring of Junior team members.

What we’re looking for...

You’ll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Four or more years of relevant work experience.
  • Security Operations, Incident Handling, Threat Intelligence, Threat Hunting and/or Digital Forensic experience.

Even better if you have:

  • A degree.
  • Relevant Certifications (A+, Network+, Security+, CISSP, GCIH, GCFA, GCFE, GNFA, GREM) or willingness to obtain within twelve months of hire.
  • Experience with dynamic and/or malware analysis.
  • Experience in Cyber Intelligence or relevant disciplines.
  • Advanced knowledge and experience in Information Security.
  • Knowledge of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture.
  • Program and Scripting experience.
  • Strong knowledge of Operating Systems: Windows, Unix/Linux, and OSX Operating Systems.
  • Experience and knowledge of cyber risks and threats related to cyber attackers.
  • Strong communication and presentation skills along with the ability to work in a highly collaborative environment.
  • Ability to exhibit initiative, follow-up and follow-through with commitments.
  • Strong relationship skills and collaborative style to enable success across multiple partners.
  • Ability to manage multiple priorities in a dynamic environment.
  • Effective organizational and technical skills.
  • Effective verbal and written communication skills.
  • Ability to comply with any regulatory requirements.