Cyber Risk Programs Security Consultant III ( 599616-1G )
When you join Verizon
Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Cyber Risk Programs (CRP) Security Consultant III is an experienced resource who is assigned one or more clients and is expected to lead most client interactions and program delivery. A CRP Security Consultant III provides the services (activities, tasks, reports, recommendations, guidance, consultation and deliverables) in accordance with the Verizon CRP service description, SOW and/or contractual requirements. A Consultant III is also responsible for delivering assessment findings to technical staff and, at times, the C-Suite.
You will perform both remote and onsite client activities such as control validation, including policy, process and procedure reviews, wireless/IoT assessments, and physical inspections of client office and data center facilities. This includes interviewing and surveying client stakeholders in order to validate technical and administrative controls, which may require both domestic and international travel, typically 25-50%. In addition to serving as primary point of contact and lead delivery Consultant, you are also expected to lead junior team members; provide coaching, mentorship and guidance; and lead special projects and initiatives.
Primary responsibilities include, but are not limited to:
- Serve as primary point of contact and lead delivery Consultant and deliver the Cyber Risk Program (CRP) or Cyber Risk Monitoring Level 3 (CRM-L3) program to external customers.
- Deliver custom compliance and risk programs based on ISO 27000, NIST CSF & NIST 800-53, PCI-DSS, CIS Critical Security Controls, HIPAA, and HITRUST.
- Identify ways to maximize program delivery efficiency and/or evaluate process flows and procedures, with recommendations made to leadership teams.
- Cybersecurity research
- Provide coaching, mentorship, and guidance, and lead special projects and initiatives.
Where you'll be working:
In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
What we’re looking for...
You’ll need to have:
- Bachelor’s degree in Business, Computer Science, Information Systems or Cyber Security or four or more years of work experience.
- Four or more years of relevant work experience.
- Active CISSP certification
- A technical background and experience in both IT and Cyber Security.
- Knowledge and focus in Information Assurance/Security, Cyber Security, Risk Management, Governance, Risk and Compliance Assessments and/or Auditing.
- Enterprise System Auditing and experience with a multitude of security management, monitoring and testing tools and platforms.
- Experience with the following security tools and platforms: vulnerability scanners, phishing tools, threat intelligence dashboards, FW configuration review tools and wireless/IoT tools.
- Experience with presenting to technical staff, department leads, and executives (C-suite/Board of Directors), including preparing quarterly Executive Summary Risk Reports and presenting to customer stakeholder teams.
- Willingness to travel up to approximately 50% of the time.
Even better if you have one or more of the following:
- Certifications in any of the following: ISSP-ISSAP, E-CEH, E-CIH, ISACA CISM, CISA, CRISC, CCSP, CCSK, GSEC, GIAC, GPEN, CHFI or other cybersecurity related certifications.
- Strong time management and prioritization skills.
- Oral and written communication skills to be able to articulate and communicate assessment findings and recommendations in a clear and concise manner to the appropriate target audience which may include project managers, program managers, and technical points of contacts and/or external/internal management stakeholders.
- Ability to multitask between internal tasks, projects and time-sensitive client-related deliverables and tasks, and complete other duties as assigned by a supervisor (Principal Consultant/Team Lead, Manager, Sr. Manager).
- Vendor-specific certifications: Qualys, Tenable, Rapid7, Digital Defense, Recorded Future, FireMon, Tufin, and Proofpoint.
- Knowledge of common frameworks such as ISO 27000, NIST CSF, NIST-800, GDPR, PCI-DSS, HIPAA, HITRUST, and CIS Controls.
- Experience with quantifying cyber security risk using threat likelihood, implementation state, and business impact variables in addition to prioritizing risk initiatives based on business need, compliance requirements, and/or industry best practice risk reduction methodologies.
- Experience with performing research on cyber security best practices, security systems, control validation procedures and system configurations.
- Experience with cybersecurity program assessment processes, closely examining the relationship between people, processes and technology and their effects on information confidentiality, integrity, and availability in order to draft reports that contain priority of effort recommendations.
- Knowledge of the changing nature of the threat landscape and an understanding of the necessity of being able to adapt and respond appropriately to changing requirements and objectives.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.
COVID-19 Vaccination Requirement
NYC candidates: Verizon requires new hires to be fully vaccinated against COVID-19 for onsite and hybrid NYC roles. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons). Additional information will be provided during the hiring process.