Senior Manager, Red Team ( 573975-1A )
When you join Verizon
Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.
As our Penetration Testing and Red Team Manager you will be responsible for leading and managing the delivery of penetration testing and red teaming services across the Verizon enterprise and business units. You will be responsible for the establishment, maintenance and execution of testing standards, processes, procedures, and operations to support the security testing needs of applications, platforms, technologies, processes and systems to identify vulnerabilities and weaknesses that can be exploited by threat actors. You will translate the Penetration Testing and Red Teaming delivery strategy into actionable and measurable and ensure that the identified activities are effectively executed to meet Verizon business goals. Specifically, you will possess an effective aptitude in security of operating systems, networking and protocols, firewalls, databases and middleware applications, forensics, and scripting and programing to lead technical testing experts and effectively translate highly technical information to CIS internal customers in a way that supports CIS and broader Verizon goals. You will maintain processes and management services to ensure the ability of Verizon internal consumers to effectively engage the enterprise testing teams to request and receive testing services to support business objectives that support established service level agreements (SLAs) and operating level agreements (OLAs). You will maintain the single front door process to provide a consistent experience for engagement of Verizon internal consumers and consistent, repeatable results consistent with Verizon policy. Also, you will ensure that quality assurance processes are maintained to assess and improve enterprise testing service delivery and to assess delivery of testing services within the broader Verizon enterprise.
- Responsible for establishing a Penetration Testing and Red Teaming Center of Excellence.
- Lead the enterprise-wide penetration testing and red teaming capabilities by setting the vision and establishing direction to identify material risks and vulnerabilities based on cutting edge tools, tactics and protocols in use by potential threat actors.
- Build and maintain relationships with other IT, network, and security leaders to develop a clear understanding of business needs; ensure cost-effective delivery of penetration testing and red teaming services to meet those needs, and respond with agility to changing business priorities.
- Direct and oversee the penetration testing and red teaming center of excellence to develop and promote best practices and standards, innovate and optimize testing capabilities, and drive transparency across the enterprise security testing landscape.
- Maintain and oversee the execution of the coordinated enterprise-level Verizon red teaming exercise program that effectively tests system and process security controls and response procedures to help mature Verizon security posture against simulated real-world threats.
- Work effectively with business units to facilitate security penetration testing and red team assessments to support new system testing, vulnerability remediation, post-incident remediation validation, and proactive identification of threats and vulnerabilities to support operational risk assessment and management processes and efforts.
- Manage the cost-efficient delivery of penetration testing and red teaming services within an organizational structure potentially consisting of direct reports and dotted line reports
- Ensure hiring, training, staff development, performance management, and annual performance reviews are aligned and effectively executed to continue to grow the skills and capabilities in accordance with Verizon’s strategic needs.
- Build the necessary internal relationships and communication networks among the broader information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure continued alignment as required.
- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
Where you'll be working...
This role will be based out of any Verizon work location as listed in the posting. In this role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
What we’re looking for...
You’ll need to have:
- This hybrid role will have a defined work location that includes work from home and assigned office days as set by the manager.
- Bachelor’s degree or four or more years of work experience.
- Six or more years of relevant work experience.
- Penetration Testing and/or Red Teaming experience.
Even better if you have one or more of the following:
- Bachelor’s degree in Engineering or Information Technology. Ideally, your Master’s degree in a technical discipline.
- Six or more years of experience in a combination of penetration testing and red teaming security operations (at least four in a significant leadership role).
- Proven track record and experience in effective penetration testing and red teaming, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment.
- Ability to be a strategic people leader and proven capability to energize the appropriate teams in the organization.
- Proven leadership in advanced information systems combined with broad business acumen.
- Proven track record of building, training, and developing a high-performing team; ability to lead and motivate the team to achieve tactical and strategic goals.
- Demonstrated excellent written and verbal communication skills, interpersonal and collaborative skills, and the capability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
- Demonstrated ability to be a critical thinker with strong problem-solving skills.
- Demonstrated excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well and thrive in a demanding, dynamic environment and meet overall objectives.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
- Professional security certifications such as CISSP, CISM, CISA, OSCP or other related or willingness to obtain within 12 months of hire.
- Project management skills: financial/budget management, scheduling and resource management.
- Experience with contract and vendor negotiations.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.