Senior Cloud Security Engineer ( 579556-1C )
When you join Verizon
Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.
As a member of Verizon’s Platform Security organization you will support the team in its goals of embracing cloud based technologies across multiple providers (Amazon AWS, Microsoft Azure, Google GCP, etc.) supporting differing service implementations (IaaS, SaaS). Cloud Security Operations team requires security skilled staff to support the demands of the business and to care for our customer base.
As a Senior Cloud Security Engineer, you will be a strategic contributor in information security, problem solving and relationship management to lead internal programs aimed at: driving compliance and attestation of multi-cloud platforms against Verizon security policies, industry standards and regulations, and government regulations, identifying and mitigating security risks in our cloud deployments; innovating/maintaining security as code automation and balancing security requirements with the dynamic needs of our users and the values of our company. In this role you will gain valuable experience and insight in protecting Verizon’s multiple cloud environments and will be at the heart of guarding our data and applications against advanced threat adversaries.
- Review and provide feedback on large-scale technical decisions.
- Research, document and deploy complex security solutions for continuous monitoring solution across various cloud platform (AWS, GCP) & technologies (container).
- Manage risks by implementing remediations, including policy and architecture recommendations.
- Drive operational efficiency by automation and standardization of process & tools.
- Lead and drive various security projects as needed across different platforms and security domains.
- Develop and present executive reporting at CISO/CIO level.
- Develop and implement custom security policies using SaaS vendor tools.
- Manage SaaS products for Security operations including Onboarding cloud account, User Management, Policy Management including review, analysis, Reporting, License and Cost Management.
- Manage vendor(s) to meet the needs of the business.
- Keep stakeholders updated with communications and weekly reporting.
- Act as a ‘cloud security consultant’ to other architects and engineers, proactively making recommendations around cloud/container security.
- Identity, analyze and recommend cloud cost savings to reduce overall spend to support annual renewal and budgeting needs.
Where you'll be working.....
This hybrid role will have a defined work location that includes work from home and assigned office days as set by the manager.
What we’re looking for...
You'll need to have:
- Bachelor’s degree or four or more years of work experience.
- Six or more years of relevant work experience.
- Experience with one or more Public Cloud (AWS/Azure/GCP).
Even better if you have one or more of the following:
- Master’s degree in Information Technology, Computer Science, Information Security or related.
- Experience in Security, Compliance and or development.
- AWS Certified (AWS Certified Security Specialty; AWS Certified Solution Architect) or Kubernetes Certified (Certified Kubernetes Administrator, Certified Kubernetes Security Specialist).
- Demonstrated knowledge of multi-cloud platforms (AWS, GCP, Azure, OCI, etc.) to be able to identify and prioritize potential security challenges.
- Demonstrated experience of Infrastructure as a Service (IaaS) cloud platforms, such as: IAM, compute (i.e. EC2, GCE), storage (volume/object), networking (VPC, VCN, Load Balancers, Security Groups/List, NACLs), serverless (i.e. Lambda) etc.
- Firm understanding of cloud console(s) navigation and CLI execution to research and query/validate potential security risks and of security violations.
- Experience with security frameworks CSA, NIST, CIS, PCI DSS, etc.
- Experience researching, evaluating and communicating identified vulnerabilities and risks pose to the organization’s information and systems.
- Demonstrated experience in administration/management of continuous monitoring solutions.
- Account Management: experience adding/removing cloud accounts.
- Signature Management: experience tuning of signatures, authoring / deployment of custom signatures.
- Experience managing SaaS vendors to deliver on the needs of the business.
- Development experience (i.e. Java, Python).
- Experience in Jenkins, JIRA, Confluence.
- Understanding of containerization (Docker, Kubernetes, Elastic Container Service) and best practices to secure registries, images, workloads, etc.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.
COVID-19 Vaccination Requirement
Verizon requires new hires to be fully vaccinated against COVID-19. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons).