Principal Security Engineer Cloud Automation
When you join Verizon
Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.
The Cloud Platform Governance Team is part of the CISO Organization and is primarily responsible for ensuring that the data and processes that are used in public cloud platforms are secured and controlled so that application workloads in those cloud platforms are not exposed to unintended users or services. The team is responsible for partnering with multiple stakeholders in framing and implementing governance policy frameworks for Cloud platforms primarily on AWS, GCP, OCI and Azure.
We are looking for a Principal Security Cloud Automation Developer. In this role, you will be responsible for:
- Design and automate security and governance framework across our AWS, Azure, GCP and OCI environments using Python, Boto3, Google Cloud SDKs, Unix Shell, and other scripting languages.
- Be a contributor with advanced capabilities to enable automation/integration across hybrid processing environments (e.g., LDAP, SSO, CI/CD, Cloud APIs, Messaging, Web, microservices, SAAS, ServiceNow, Networking).
- Partner with application delivery teams in enabling cloud services after evaluating risk exposure.
- Conduct POCs on services from security and risk stand points and create access management framework based on principle of least privileges.
- Automate Identity and Access management in AWS, Azure, GCP, and OCI cloud platforms for enabling users and services.
- Work with stakeholders from both our application as well as other security teams to provide solutions that meet security and governance requirements while minimizing impact on developer productivity.
- Proactive monitoring, logging, audits, and automated policy enforcement for security and cost compliance.
- Ensure services availability and continuity through proper response to threat incidents and requests.
- Work in a product operating model which is based on Agile/ Scrum practices.
Where you’ll be working:
In this role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
What we’re looking for...
You’ll need to have:
- Bachelor’s degree or four or more years of work experience.
- Six or more years of relevant work experience cloud infrastructure automation.
- Experience in coding in Java, Python, Django, HTML, jQuery, Bash, Typescript, and or .Net
- Experience with any two of the following platform infrastructures - AWS, GCP, Azure, and OCI.
- Experience with Cloud Security and Governance practices and frameworks.
Even better if you have one or more of the following:
- Master’s degree in Computer Science, Information System, or a related field.
- Knowledge of API, Microservices, network, and security architectures and design patterns.
- The ability to ask difficult questions and challenging your team and dependencies while being highly collaborative and open to input.
- Experience building cloud platform architecture solutions on public and/or private cloud platforms with an emphasis towards governance/security tools.
- Experience with modern source control repositories (e.g., Git) and DevOps toolsets (e.g., Jenkins/ Ansible) and knowledge of Agile/ Scrum methodologies.
- Knowledge of distributed systems, asynchronous messaging, and networking protocols.
- Experience with open source applications, frameworks, and libraries.
- Knowledge of Docker, ECS, Kubernetes, and Container Security.
- Third-party ecosystem tools for compliance and security such as Auto-Remediation/ Compliance (Cloud Custodian), PRISMA, Dome 9, TrendMicro, and Container Security Tools.
- GCP, AWS, and or Azure Associate or professional certifications.
- Consistent track record of shaping and integrating complex infrastructure in the cloud.
- Basic exposure to DBs and SQL.
- Development experience with MySQL tables, queries, procedures, and functions.
- Excellent verbal and written communication skills.
If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.
COVID-19 Vaccination Requirement
NYC candidates: Verizon requires new hires to be fully vaccinated against COVID-19 for onsite and hybrid NYC roles. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons). Additional information will be provided during the hiring process.