When you join Verizon

Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

You would be part of the Security Maven team in Verizon Consumer Group (VCG) and would be playing the role of an Engineer III-Security Engrg in VCG portfolio.

  • Acting as a security liaison between CISO and Application Delivery teams.
  • Providing information & risk advisory services to identify and mitigate IT risks in the organization.
  • Ensuring Risk Profile of applications owned is minimal.
  • Performing threat modeling practices into the Software Development Lifecycle.
  • Incorporating security as design in SDLC process.
  • Involving and engaging Application delivery team in SSDLC Program.
  • Maintaining Inventory of Application, tech stack and their corresponding secure coding standards.
  • Performing Vulnerability Management - Static Scans, Dynamic Scans, OSS, IP Scans etc.
  • Supporting Security Initiatives & technology rollout.
  • Performing Logging & Monitoring and RASP.
  • Maintaining Summary of Portfolio Security Metrics.
  • Representing the team on the common security group/forums.
  • Participating Community Engagement on Security Best Practices ( Brown bags, articles, Dev Dashboard).
  • Driving the Security Transformation in the group via various Security Trainings/Events & Gamifications.
  • Automating Security Testing in CI/CD pipeline.
  • Implementing Mastery of commonly used security concepts, practices and procedures.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree or four or more years of experience.
  • Four or more years of relevant work experience.
  • Three or more years of experience in Tools like Fortify, OWASP ZAP, CheckMarx, WebInspect, Automation.
  • Two years of Experience in web & mobile application security testing including API and Micro services.
  • Applied Knowledge of Network security concepts, Application security concepts, Cloud Security, Data Protection and/or PCI DSS.
  • Knowledge of Linux/Unix tools and architecture.
  • CEH / CompTIA Security+ certification.

Even better if you have

  • Master’s degree.
  • Professional Certifications in Security Engineering, Defensive Operations, Security Architecture and Security Analysis like CISP, CSSLP, CISA, CCSP etc.
  • Two years of experience in threat modeling practices into the Software Development Lifecycle.
  • Two years of applied knowledge of Splunk, SPL and anomaly detection and visualization development.
  • Three years of experience in application development or Manual / Automation Testing.