Principal - Security Risk Management

When you join VerizonVerizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. Were a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward and you can too. Dream it. Build it. Do it here.What youll be doing...The Principal - Security & Risk Management is responsible for Application Security for Corporate Systems and includes Enterprise Vulnerability Management, Cloud Security, Risk Analysis.+ Leading the Enterprise Vulnerability management for Corporate systems including Source Code Scans/Dynamic Application/Open Source Code/IP Scans and Vulnerability remediation.+ Managing adaptive Security including Runtime Application Self Protection,logging & monitoring, Database Security.+ Coordinating with a broad cross-section of project teams to explain and enforce security measures.+ Aligning with Enterprise InfoSec leads for risk assessment of applications including ERP, SaaS and Cloud native solutions.+ Aligning with system integration leads to a review of the architecture andsecurity measures and recommend enhancements.+ Reviewing various security protocols, data encryption, authentication, authorization for ERP landscape.+ Partof AppSecurity management involved in building strategy for protection and mitigation of data security for data at rest and in transit. This includes On Prem, Cloud and hybrid environments.+ Analyzing business impact and exposure based on emerging security threats, vulnerabilities, and risks and recommending solutions to mitigate them.+ Analyzing vulnerability assessments and penetration tests using generally accepted tools, and recommending remediations.+ Complying with Security by design by assisting with the development team in remediation of control deficiencies identified during the security risk assessment.+ Participating in the Security Incident Response Team (SIRT) activities, helping SIRT to respond and recover from security incidents in a timely manner for ERP environments.What were looking for...You will need to have:+ Bachelors degree or four or more years of work experience+ Six or more years of relevant work experience.+ Software Development experience in Java, .NET, DevSecOps, Secure SDLC practices and Threat Modeling.+ Experience with Application Security - Static Application Security Testing (SAST) ex. Fortify, Checkmarx, Dynamic Application Security Testing (DAST) ex. OWASP ZAP and Open Source Software Security (3rd party libraries) ex. Black Duck.+ Experience in Application Logging & Monitoring and provide remediation solutions for the findings.+ Cloud Security experience such as SaaS Solutions and experience with at least one of the following: Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).+ Experience in Vulnerability Management includes analyze metrics and report and propose remediation plan and process changes.Event better if you have:+ Degree in computer science or computer engineering.+ Working experience in both Linux and Windows environments.+ Knowledge of: Database Security ex. Guardium, Runtime Application Self-Protection (RASP), Splunk and Dashboard Development, Container Security ex. Twistlock Privacy and Data Protection+ Web API & Mobile Application Security Testing - API, Micro Services.+ CSSLP (ISC2) or CISSP (ISC2) or CASE (EC-Council).+ CEH (EC-Council), CCSP (ISC2), CCSK (CSA), AWS Solutions Architect.+ Ability to coordinate across teams and organizations.+ Detailed oriented and come up with possible solutions.+ Strong ability to work on multiple priorities simultaneously.+ Respect and willingness to help others.+ Work independently and report to the Lead/Manager.+ Ability to communicate according to the audience - deep vs. higher level conversations.+ Strong presentations skills and drive call for action.Equal Employment OpportunityWe're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best.Check out our diversity and inclusion (https://www.verizon.com/about/careers/work-culture) page to learn more.REQNUMBER: 558445-1B