Senior Security Engineer ( 604751-1C )
When you join Verizon
Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Senior Security Engineer is an integral part of Verizon's GTS security team. This is a Tier IV Security Engineer focused on Verizon’s security and risk management guidelines. You will partner with security architects and engineers to create security designs based on best practices and customized to meet the customer security policies. All security designs are created to support SLA and are therefore optimized to support business continuity. Where possible, we will also look for opportunities to consolidate infrastructure to reduce cost and/or dedicated lanes built for high priority applications.
You will be conducting requirements mapping, technical consulting, project response, level of effort determination, equipment specification, and implementation recommendations and guidance. Proactively generate proposals for recommended, corrective, courses of action based on problem management or RCA reports.
- Follow standard operating procedures for the Risk Management team
- Engage in new project assignments and provide regular updates
- Execute on scanning needs as necessary/available for projects
- Create a Scope of Work when one is needed for penetration testing
- Engage internally for project feedback
- Orchestrate penetration testing by facilitating our penetration test vendors’ access.
- Create a Risk Assessment Report capturing risks and vulnerabilities discovered during the assessment process, penetration test, documentation review, SME interviews, and any received from compliance assessments
- Perform a project read-out explaining the findings and suggestions for remediation
- Track remediation efforts
- Assist in overcoming complex application security technical challenges and security engagements with new technology
- Minimize the risk of negative effects resulting from poorly planned application security changes
- Determine the appropriate hardware and software features and functionality required for a change or enhancement
- Provide guidance, technical, and troubleshooting support on Tier 1, 2, and 3 applications
- Maintain quality assurance through adherence to established process, procedures, and baselines
- Act as the technical security for problem resolution assistance with regards to security engineering, and change management issues
- Define action plans that are easy to implement, effective at reducing risk, and as much as possible will take advantage of existing people, processes, and technologies
- Participate in status calls to discuss risk intelligence, incidents, vulnerability details, change request, implementation state, compliance state, and/or risk state
What we’re looking for...
You'll need to have:
- Bachelor’s degree or four or more years of work experience.
- Four or more years of relevant work experience.
- Experience with both security infrastructure and security analytics technologies.
- Experience inMicrosoft Windows and Linux operating systems.
- Scripting/Programming experience (e.g., Python, Powershell, Java).
Even better if you have:
- Bachelor’s degree in Computer Science or related field
- Five years of work experience in IT Cybersecurity Engineering
- Six years or more as a Security Engineer or Architect with experience designing, engineering, and configuring complex, enterprise security networks
- Experience with both security infrastructure and security analytics technologies
- Expert-level knowledge of Microsoft Windows and Linux operating systems
- Experience with cloud platforms like AWS and Microsoft Azure
- Preferred Linux command line experience
- Advanced knowledge of scripting languages (e.g., Python/Powershell), programming, and DevOps
- Hands-on experience with SIEM platforms, such as Security Analytics, Splunk, Firewalls, Intrusion Detection/Prevention Systems, Proxies, Web Applications, and/or Penetration Testing
- Experience in the areas of Incident Response and the SOC
- Experience with Vulnerability Management solutions / systems
- Experience with Policy Assessment tools
- Ability to be a self-starter and work individually with limited guidance
- Excellent time management skills to balance between clients
- Knowledge of a common scripting language (preferably Python) and basic experience in DevOps
- Strong communication skills including strong verbal presentation skills. Able to present and communicate at all levels of the organization including senior management
- Analytical skills who is able to interpret complex information and adapt as needed
- Experience working in matrix environment with globally diverse team members
- CISSP, CISM or related certification
- Solid understanding of attack vectors and how systems are compromised
- Capability to effectively multi-task, prioritize work, and handle competing interests
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.
COVID-19 Vaccination Requirement
NYC candidates: Verizon requires new hires to be fully vaccinated against COVID-19 for onsite and hybrid NYC roles. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons). Additional information will be provided during the hiring process.