When you join Verizon

Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

The Enterprise Vulnerability Management (EVM) organization is concerned with finding all vulnerabilities that exist across all of Verizon’s line of businesses and work with system owners to ensure identified vulnerabilities are remediated or mitigated in accordance with EVM Standards and CPI 810.
You will work on scanning solutions (operating and deploying), impact investigations for identified vulnerabilities and oversee the effectiveness of vulnerability remediation. You will apply a process-driven approach but equally important that they must be able to interact with multiple levels of leadership and build positive, collaborative working relationships. Success will require a broad technical knowledge that will enable the selected candidate to understand vulnerabilities, their exposure techniques and compensating controls across the full stack of technologies

  • Evaluation of reported "bugs"/vulnerabilities to ensure appropriate triage.
  • Facilitate work efforts related to vulnerability scanning deployment and operations.
  • Work with and evolve the Security Operations toolsets and reporting to provide better vulnerability insight and create effective communications and reporting.
  • Identify opportunities to enhance the asset inventory, or better enrich vulnerability data.
  • Conduct ongoing research to help validate completeness or identify “gaps”.
  • Oversee multi-departmental investigations into vulnerability impact or remediation.
  • Provide comprehensive analysis back to leadership.
  • Compile documentation of and conduct training on the program processes and procedures.
  • Follow-up with owners to ensure remediation efforts are consistent with SLA/policy. Escalation for noncompliance.
  • Definition, measurement and reporting on operational KPIs.
  • Presentation to cross-functional stakeholders and Sr. leadership to ensure the awareness of and ongoing success of the vulnerability reporting and management programs.
  • Keep abreast of current cyber security and technology news and trends.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Four or more years of relevant work experience.
  • Experience in cyber-security and/or Security Operations.

Even better if you have one or more of the following:

  • Experience in a vulnerability management program.
  • Experience working with a bug bounty program.
  • Knowledge of security fundamentals and common vulnerabilities.
  • Experience with the full stack of information technologies and associated security models - including server/OS, database, hardware, network devices, user compute, application/SDLC, cloud, etc.
  • Knowledge with common security frameworks (SOX, NIST, FISMA, etc.)
  • Multi-departmental project/program management experience.
  • Experience working with cyber security and vulnerability management at a large company.
  • Strong analytical problem solving skills, detail oriented and organized approach, excellent communication skills, and strong interpersonal skills.
  • Ability to translate client and program needs into achievable requirements.
  • Experience with a bug bounty program, or engagement with the security researcher community.
  • Knowledge of compliance best practices and knowledge in implementing programs for maintaining compliance for a highly regulated business environment.
  • Experience working with a non-IT business segment.
  • Experience within the telecommunications industry.