What you’ll be doing...
As a Principal on the Information Risk Management team you will be responsible for penetration testing, application assessment and vulnerability management work streams. You will be tasked with discovering and disclosing security vulnerabilities that exist in pre-production and production platforms comprising the Verizon Wireline network. You will ensure network assets are compliant with Verizon’s corporate security policies. You will be responsible for supporting Incident Response teams whenever vulnerabilities are announced. You will document security assessment findings and include recommended actions, prioritization of findings and impact statements. All vulnerability testing will be conducted while causing zero outages to the network.
- Responsible for managing risk and compliance in the Global Network Management operations environment.
- Perform data analytics on products, code, and new platforms for risk identification, avoidance and mitigation.
- Performs audits and assessments.
- Monitors and measures effectiveness of security solutions.
- Responsible for promoting technology defense concepts, strategies and methodologies to preventsecurity incidents from occurring.
- Works to ensure network assets remain protected against the evolving external and internal threatlandscapes.
- Educates internal and external stakeholders on securityprocesses & procedures.
- Documents methods and procedures and works to enhance existing methodology material continuously.
- Support collaboration within the team.
- Analyze assessment findings and make recommendations for security improvements.
- Keep up to date with latest testing and ethical hacking methods.
- Report on findings to a range of stakeholders and executives.
- Share knowledge of vulnerabilities, exploits, tools and security concepts to peers and management through presentations.
What we’re looking for...
You’ll need to have:
- Bachelor’s degree or four or more years of work experience.
- Six or more years of relevant work experience.
Even better if you have:
- A degree.
- 8 or more years of experience in Information Security industry.
- Security certifications in one or more of the following; GIAC, OSCP, CISSP.
- Experience with system administration or application development experience.
- Strong understanding of network protocols.
- Familiarity with web application technologies.
- Solid technical skills in both information securityarchitecture and penetration testing.
- Ability to assess testing tools and deploy the right ones.
- Solid understanding of ethical hacking.
- Scripting and programming experience.
- Ability to explain findings to non-technical professionals.
- Excellent report writing and presentation skills.
- Customer facing skills and a proven track-record of building client relationships.
- Flexibility to change direction and manage conflicting demands.
- Outstanding organizational and data analytics skills.
- Comfort working in a fast-paced environment.