Security Risk Analyst

When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

This role will be responsible for the functions of riskmanagement as well as those of an SME for the OpenPages application.Initially, your time will be splitbetween configuring/designing OpenPages and conducting Risk Assessments. Over time, as the OpenPages environment becomes more static, that time will favor Risk Management.

As a Security Analyst, you’ll review documentation such as High-Level Designs, Low-Level Designs, Data Flow Diagrams, Operating Manuals, Product Release Notes, and other applicable documentation. In addition to participating in project calls, analysts will conduct interviews to clarify any outstanding questions about the project and its documentation.

Analysts will conduct risk management as detailed in the Risk Management team’s documentation, producing a threat model, scope of work, and a risk assessment report. The analyst will provide suggested mitigating controls, evaluate findings and adjust them based on previous expertise, standard rating guidance, compensating controls, and future state controls. The analyst will walk a project team through their risk assessment report, including outstanding findings as well as suggested methods of remediation.

Risk Analysts will generally be assigned to average (and occasionally large) sized projects of average complexity and will work with NI PMs, ME, and solution vendors as necessary. The selected candidate for this role will further be an extension of the management team and make good decisions for the company and the team.

Additionally, you will be able to assist the team with your knowledge and expertise with the Open Pages platform helping to build out its capabilities and workflows. This will be strictly in the Open Pages and Cognos applications; no system administration.

• Follow standard operating procedures for the Risk Management team
• Engage in new project assignments and provide regular updates
• Provide process feedback to project teams who are looking for requirements or design work (directing them to those appropriate teams)
• Consume project documentation using standardized document requests
• Conduct SME interviews
• Create a Threat Models
• Execute on scanning needs as necessary/available for the project
• Create a Scope of Work when one is needed for penetration testing
• Engage internally for project feedback
• Orchestrate penetration testing by facilitating our penetration test vendors access.
• Track projects, including all artifacts received and created, in the team’s tracker.
• Create a Risk Assessment Report capturing risks & vulnerabilities discovered during the assessment process, penetration test, documentation review, SME interviews, and any received from compliance assessments.
• Perform a project read-out explaining the findings and suggestions for remediation.
• Track remediation efforts.
• Provide subject matter expertise on OpenPages design, configuration, and implementation.
• Explore OpenPages & Cognos capabilities.
• Instruct your teammates on OpenPages & Cognos capabilities.
• Integrate OpenPages Risk Assessments with Policies, Standards, andControls, as well as with exceptions, and compliance efforts.

Where you'll be working…

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

What we’re looking for...

You have passion and excitement for Information and Cyber Security and the willingness to learn and build as much knowledge as possible in a fast-paced dynamic environment are the key drivers for this role.

At Verizon, we continuously strive to improve the security posture of The Network. You’ll be part of a very well knit and energetic team of security risk analysts with a variety of backgrounds. The idea candidate will mesh well with this high performing team and add to their capabilities by complimenting their technical knowledge.

You'll need to have:

• Bachelor’s degree or four more years of work experience.
• Four or more years of relevant work experience.
• One or more years of experience with IBM’s OpenPages and Cognos solutions.
• One or more years of combined relevant work experience in a cyber security field.

Even better if you have one or more of the following:

• Master’s degree.
• Experience with container technologies such as K8s, OpenShift, Webscale.
• Experience with risk management such as FAIR.
• Analytical and communication skills.
• Certifications such as CISSP, CISA, CRISC, ITIL.
• Knowledge in MS Office and G Suite. Must have worked on excel/reporting tools for reports.

Compensation

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefits, short term incentives, 401 (k) Savings Plan, stock incentive programs, paid time off, parental leave, adoption assistance and tuition assistance, plus other incentives,we’ve got you covered with our award-winning total rewards package. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.

If you are hired into a Colorado work location, the compensation range for this position is between $78,000 and $145,000 based on a full-time schedule. The salary will vary depending on your location and confirmed job-related skills and experience. This is an incentive based position with the potential to earn more. For part-time roles, your compensation will be adjusted to reflect your hours.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

COVID-19 Vaccination Requirement

Verizon requires new hires to be fully vaccinated against COVID-19. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical, religious, or state law recognized reasons).