When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

Verizon is proud to continually earn a spot in Gartner's Leader Quadrant for Managed Security Service Providers (MSSPs) supporting F500 and government agencies around the world. Our Managed Security Services range from security operations centers, security engineering, and cyber intelligence to assessments, planning, and implementation. In support of our world leading position in cybersecurity, we are adding a Principal SIEM Engineer due to growth to focus on Google Chronicle. This is an excellent opportunity to get your hands on one of the newer SIEM technologies.

The Principal SIEM Engineer is a part of our Advanced Security Operations Center (ASOC) within Verizon’s Managed Security Services team. This role is designed to provide senior level leadership for the design, engineering, and implementation of security event data collection for our managed security service customers related to incident response, threat monitoring, threat intelligence, and operations. These programs pertain to the data identification, assessment, ingestion, normalization and enrichment activities required for Verizon’s Advanced Security Operations Center to perform proper detection and analytics of cyber threats and response.

  • Lead and perform the content development within the SIEM Platform which includes use case creation, dashboard design, tuning of use cases to minimize false positives, development of reporting metrics such as SLA and KPI reports and log source configuration
  • Participate in use case development, provide technical input into designs, and maintain SIEM use cases throughout their lifecycle including SOAR integration and contributing to playbooks.
  • Work with the customer to incorporate asset landscape details, severity threats campaigns, and data breaches, as well as perform impact and exposure assessments relative to the customer
  • Threat hunting and independent threat research to augment and feed custom use case creation
  • Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform
  • Act as an escalation point for the Security Analysts to assist and advise on the most complex security threat investigations
  • Collaborate with Senior ASOC Analysts and Verizon on-site teams to implement solutions to SIEM & SOAR platforms.
  • Provide advice on SIEM management, infrastructure, log ingestion and normalisation in order to support the ongoing development of use cases and their dependencies.
  • Review and enhance logging information flow strategies and technical information flow required for log onboarding; create the work plan required for logging onboarding to include determining the technical details
  • Share and exchange knowledge gained across all Verizon SIEM stakeholders and subject matter experts.
  • Develop and implement SIEM, SOAR, and service management integrations including threat intelligence feeds, authentication systems, and response systems (firewalls, proxies, etc).
  • SIEM installation, configuration, management and fault-finding.
  • Provide briefings to ASOC managers, customer service leads, and other stakeholders on issues pertaining to SIEMS management, use case maintenance, and their operational risks.
  • Determine and report the accomplishments of project initiatives across stakeholder groups, providing consulting and guidance on how to drive business results from the data available
  • Support and consult vendors and customers to assist in implementing sound and secure logging practices while interfacing with customers in support of their logging requirements
  • Mentor and support SOC Analysts Tier 1-3

Where you'll be working:

This position is a hybrid role, where most of the work is remote/work from home, with occasional days in the office as needed

What we’re looking for...

You'll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Six or more years of relevant work experience.
  • Experience as a SIEM Engineer, specifically with Splunk, QRadar, or RSA Netwitness
  • Six or more years ofexperience creating custom use cases, dashboards, and reporting.
  • Six or more years of experience with SIEM engineering, administration, and optimization with Splunk, QRadar, or RSA Security Analytics / Netwitness administration or other SIEM platform.
  • Use case and correlation development experience.
  • Threat hunting experience.
  • Linux command line experience.
  • Knowledge of regular expressions and data normalization.
  • Willingness to travel.

Even better if you have one or more of the following:

  • Master's degree in information security, cyber security, computer science or a related field
  • Experience assessing and implementing security incident detection systems, particularly SIEMs.
  • Strong interpersonal skills and collaborative style to enable success across multiple partners
  • Experience working in a Security Operation Center environment
  • Experience with Google Chronicle
  • Cloud security experience
  • Experience with SOAR platforms, particularly Palo Alto XSOAR.
  • Knowledge in security architecture and enterprise information technology protocol and traffic flows
  • Capability to clearly and succinctly explain highly complex issues to senior executives
  • Strong communication and presentation skills along with the ability to handle multiple priorities in a fast paced dynamic environment
  • Experience preparing and delivering presentations to peers or senior executives
  • Ability to grasp and assess “big picture” issues and bring them to light in order to foster positive change for a more robust data ingestion platform and process process.
  • Scripting or automation experience - python, perl, bash, powershell, etc.




Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

COVID-19 Vaccination Requirement

NYC candidates: Verizon requires new hires to be fully vaccinated against COVID-19 for onsite and hybrid NYC roles. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons). Additional information will be provided during the hiring process.