Sr Principal Platform Security Risk Management Analyst ( 578327-1A )
When you join Verizon
Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.
The Platform Security team within Verizon’s Corporate Information Security (CIS) organization works to embed security seamlessly into the development and operations of Verizon’s Products and Platforms.
We are looking for a seasoned Security Risk Management professional to join our Platform Security team.
- Evaluating new or modified end-to-end software, platforms, and third party solutions that are used to deliver external facing Verizon customer products against internal, regulatory and industry security standards and controls to identify and manage risks that fall outside of VZ’s risk tolerances
- Leading core business partners, product/platform development teams and security champions to increase security maturity via creative process design which meets the evolving business needs for customers
- Providing risk consulting and/or developing training for business and technical partners to aid in identifying and applying security best practices, drive secure system development lifecycle management (SSDLC), and make risk informed decisions.
- Leading guidance for new technologies and methodologies as business needs evolve.
- Providing guidance, interpretation and education on specific security policies across requesting organizations related to their projects and applications.
- Leading initiatives with risk areas that need specialized security expertise.
- Establishing and reporting on security score-cards and metrics to drive continuous improvement
What we’re looking for...
You'll need to have:
- This hybrid role will have a defined work location that includes work from home and assigned office days as set by the manager.
- Bachelor’s degree or four or more years of work experience.
- Six or more years of relevant work experience.
- Experience in Information Security, Technology or Technical Risk Analysis.
Even better if you have:
- A degree.
- Security certifications: CRISC, GSEC, CISA, CISM or CISSP, or willingness to obtain within 12 months of hire.
- Experience managing projects or PMP certification.
- Knowledge of cyber security risk management concepts, cyber security frameworks, control standards, secure coding principles, and security technologies.
- Experience with NIST/FISMA, COBIT 5, ISO 20000 series, ISO 27000 series, HIPAA, or PCI/DSS.
- Experience in a service and solution architecture of information technology services.
- Experience with product development methods and processes with solid business acumen.
- Experience with data architecture, modeling and integration.
- Experience leading process improvement, automation release management, and system development life cycle (waterfall & agile).
- Experience driving informed decisions regarding protecting confidentiality, integrity, and availability of data and systems.
- Knowledge of networking technologies, databases, middleware, cloud or operating systems.
- Experience with a variety of security tools such as Directory Services, Authentication Services, Logging & Monitoring, vulnerability scanning, etc.
- Experience implementing quantitative risk methodologies.
- Ability to apply working knowledge of new technologies and methodologies to meet evolving environments and business needs.
- Specific experience managing information security functions, strategy and risk within a Fortune 500 company.
- Experience creating and maintaining partnering relationships with business leaders at VP, SVP, and CIO levels, and the capability to interact and provide executive level communications.
- Strong communication, presentation and analytical skills along with the ability to thrive in a dynamic environment and handle multiple priorities.
- Strong documentation, planning, negotiation, work prioritization and organizational skills.
- Strong relationship skills and collaborative style to enable success across multiple partners.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.