Principal Security Architect

When you join Verizon

Verizon is one of the world's leading providers of technology and communications services, transforming the way we connect across the globe. We're a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward - and you can too. Dream it. Build it. Do it here.

What you'll be doing...

The Verizon Cybersecurity (VCS) organization enables the business by protecting assets and information across Verizon networks, infrastructure, and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.

The Cyber Architecture Services (CAS) team focuses on the design and implementation of security reference architectures, roadmaps, and design services across the Verizon enterprise. We partner with technology and business teams to generate new security architectures, standards, controls, and processes which protect Verizon systems and data. We focus heavily on new and emerging security technology.

You will work in conjunction with a team of experienced security architects to create business-informed security architectures, conduct enterprise-level security assessments, and make risk-informed recommendations. You will help to define, document, and promote security architecture, standards, and policy throughout Verizon.

• Managing security architecture engagements for multiple large, highly-visible, and complex projects.
  
• Eliciting and interpreting stakeholder requirements, place them in the context of existing security architecture and controls, and create designs which deliver the requirements.
  
• Working in conjunction with enterprise and security architects to make decisions and help lead initiatives to ensure timely delivery of security architecture and solutions that support IT and business objectives.
  
• Working with little or no supervision to create security architecture deliverables based on high-level directives and principles to meet project requirements and timelines.
  
• Making informed decisions on matters of risk and security architectural approach that reflect your information security experience and industry best practices.
  

• Bachelor's degree or four or more years of work experience.
  
• Six or more years of relevant work experience
  
• Experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences.
  
• Experience building security reference architectures and roadmaps for complex information security systems based on industry frameworks and with traceable alignment to business requirements and goals.
  
• Willingness to travel up to approximately 25% of the time.
  

• Experience using security architecture frameworks (SABSA, TOGAF, NIST, etc.) and tools (Archi, Visio, Draw) to create and manage designs.
  
• Knowledge of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities.
  
• Knowledge on threat landscapes and threat modeling, security threat and vulnerability management, and security monitoring.
  
• Ability to analyze and identify risks in network and system designs and communicate with key stakeholders to address the risk and drive a solution.
  
• Technical experience in several security disciplines including endpoint and platform (Unix/Linux/Windows, mobile) controls, encryption/tokenization, identity and access management IaM , PKI, data protection, and security tooling integration in complex environments.
  
• Experience within the transformation of traditional data center security measures into hybrid and Cloud deployment (AWS, GCP, Azure.)
  
• Experience in network security including web proxies, reverse proxies, load balancing, IDS/IPS, firewall, wireless, and remote connectivity.
  
• Experience advising customers on enterprise and security architectures for meeting industry standards such as SOX, PCI, ISO 27001, HIPAA, and NIST/DoD frameworks.
  
• Ability to draft and contribute to enterprise security policy
  
• Subject matter expertise in consumer and Internet privacy and trust.
  
• CISSP certification or willingness to obtain within twelve months of hire.