Job was saved successfully.
Job was removed from Saved Jobs.

Job Details

Verizon Communications Inc

Principal Security Risk Management




Cary, North Carolina, United States

When you join Verizon

Verizon is one of the world's leading providers of technology and communications services, transforming the way we connect around the world. We're a human network that reaches across the globe and works behind the scenes. We anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together-lifting up our communities and striving to make an impact to move the world forward. If you're fueled by purpose, and powered by persistence, explore a career with us. Here, you'll discover the rigor it takes to make a difference and the fulfillment that comes with living the #NetworkLife.

What you'll be doing...

As a member of our Verizon Public Sector Information System Security Officer (ISSO) team, you will bring your passion, education and experience to the critical task of managing security governance, risk, and compliance for Verizon cloud-based systems supporting our public sector agency sponsors and customers.

As an ISSO, you will serve as the principal advisor on all matters involving the security posture of Verizon's public sector cloud applications and environments. You will work with a team of security professionals to ensure that the people, processes, and technology that support cloud environments are hardened against all types of security threats and risks. You will provide critical expertise in the development and implementation of industry-leading cyber defense mechanisms that will protect infrastructure against today's evolving threat actors. You will be responsible for leading security and compliance efforts including the following:

  • Ensuring that Federal Information Systems Security Act (FISMA), NIST 800-53 rev. 5, FedRAMP, and agency-specific security requirements are identified, implemented, maintained, tested, and compliant.
  • Coordinating System Security and Privacy Plan (SSPP) and security artifact development and maintenance activities.
  • Supporting Assessment and Authorization (A&A) activities in order to achieve an Authorization to Operate (ATO).
  • Leading the system's continuous monitoring program and ensuring that all related activities are completed, validated, and communicated.
  • Developing and participating in an effective incident response function to detect, analyze, contain, eradicate, and recover from security events and incidents.
  • Reviewing vulnerability information and providing expertise in mitigation efforts.
  • Managing the Plan of Action and Milestone (POA&M) and communicating status to stakeholders.
  • Performing security impact analyses and making security approval decisions on changes to the system and its environment.

What we're looking for...

You'll need to have:
  • Bachelor's degree or four or more years of work experience.
  • Six or more years of relevant work experience.
  • Experience in an Information Security, Information Risk Management, Cyber Governance, or GRC Compliance related position supporting a FedRAMP cloud IT system.
  • Must be able to pass an extensive background investigation as a condition of employment.

Even better if you have one or more of the following:
  • Position-relevant degree in information technology, Cybersecurity, Cybersecurity Public Policy, or Cybersecurity Engineering.
  • One or more of the following professional certifications preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Controls (CRISC), or Certified in Governance, Risk and Compliance (CGRC).
  • Knowledge of all stages of the NIST Risk Management Framework.
  • Knowledge of NIST 800-53 Rev. 5 FedRAMP controls and how they are implemented within a cloud environment.
  • Knowledge of data security fundamentals and best practices with prior responsibilities of protecting cloud assets.
  • Experience in producing security documentation and artifacts for a FedRAMP cloud environment.
  • Ability to coordinate and lead productive working sessions with resources from multiple application and technology teams across the enterprise.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

Where you'll be working

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

Scheduled Weekly Hours

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.YmJnZW5lcmljLjY1NTY3LjEzMTgzQHZlcml6b253b3JrZGF5LmFwbGl0cmFrLmNvbQ.gif