At Verizon, were seeking highly technical cloud computing security experts who can analyze, validate and consult on implementation corrective actions to work on minimizing cloud security risk in our multi-cloud environments.
As a member of Verizons Cloud Security Integration Services organization you will support the team in its goals of embracing cloud based technologies across multiple providers (Amazon AWS, Oracle OCI, Google GCP, etc.) supporting differing service implementations (IaaS, SaaS, PaaS). Cloud Security Operations team requires security skilled staff to support the demands of the business and to care for our customer base.
As a Senior Cloud Security Technical Engineer, you will be a strategic contributor in information security, problem solving and relationship management to lead internal programs aimed at: achieving certification and attestation of multi-cloud platforms against Verizon security policies, industry standards and regulations, and government regulations, identifying and mitigating security risks in our cloud deployments; ensuring security alignment to corporate policies; and balancing security requirements with the dynamic needs of our users and the values of our company. In this role you will gain valuable experience and insight in protecting Verizons multiple cloud environments and will be at the heart of guarding our data and applications against advanced threat adversaries.
Passion and excitement for cloud security and the willingness to learn and build as much knowledge as possible in a fast-paced dynamic environment. Are you up for the challenge?
Become proficient with corporate and industry security requirements/best practices
Stay current on cloud security policies, standards, regulations making recommendations for the company
Work closely and collaboratively with Information Security Officers (ISOs), IT Portfolios, and Business units to support their needs
Act as an advocate of information security policies, standards, controls and as an enabler to the business while managing risk appropriately
Manage cloud security products (i.e. Cloud Conformity, Evident.io, Dome9, Redlock.io, etc.) Manage addition/deletion of cloud accounts, ensuring continuous monitoringUser administration Signature management and tuning Assist customers with solution integration featuresProduce reports, scorecards and related metricsManage vendor(s) to meet the needs of the business
Keep stakeholders updated with communications and weekly reporting.
Drive mitigation of reported risks from continuous monitoring solutions
Track and report on the status of cloud security risks to corporate/industry requirements.
Gain deep security-level knowledge of cloud environments, continuous monitoring solutions to understand and provide direct guidance for security remediation activities.
Partner with enterprise teams to establish preventative controls to support security needs via automation.
Act as a focal point in the implementation & delivery of a formalized information security awareness offerings
Represent the Security Operations team with various stakeholders including: Infrastructure, Network, Development, Governance, Legal, Security Automation to drive remediation of identified risks, endorse preventative solutions gather requirements, and influence stakeholders to reduce risk and maintain security alignment to corporate and or industry requirements.
Maintain strong awareness of cloud security incidents in the external community to identify threats and opportunities for enhancement. Apply those learnings to Cloud Security Operations program and associated solutions.
Lead cloud threat intelligence program, responsible for gathering the necessary security intelligence, ensure correlation of threat intelligence with Verizon systems, analyze the resulting threat from the relevant information and then formulate actionable responses and threat mitigation to ensure the protection of Verizon's systems, customer information and brand.
Lead evaluation, recommendation, implementation and support third party cloud security ecosystem tools. Examples include: Cloud Conformity, Evident.io, Dome9, Redlock.io, Cloud Custodian, etc.
Analyze and recommend cloud cost savings to reduce overall spend
Support annual renewal and budgeting needs
Provide technical mentoring and knowledge transfer to members of the team.
Perform all other duties as assigned.
What were looking for...
You'll Need to Have:
Bachelors degree or four or more years of work experience.
Six or more years of experience in Security or Information Technology.
Two or more years of experience with AWS/Public Cloud
Masters degree in Information Technology and or Security
Eight or more years of experience in Security, Compliance and risk management, including privacy, controls, etc.
One of more of the following certifications: Google Cloud Certified (GCP) Associate Cloud Engineer (ACE), Oracle Cloud Infrastructure(OCI) Certified Architect Associate (CAA ), AWS Certified Solutions Architect professional, AWS Certified Security Specialty, CSA Certificate of Cloud Security Knowledge (CCSK), ISC2 Certified Cloud Security Professional (CCSP).
Cloud ComputingDemonstrated knowledge of multi-cloud platforms (AWS, GCP, Azure, OCI, etc.) to be able to identify and prioritize potential security challengesDemonstrated experience of Infrastructure as a Service (IaaS) cloud platforms, such as: IAM, compute (i.e. EC2, GCE), storage (volume/object), networking (VPC, VCN, Load Balancers, Security Groups/List, NACLs), serverless (i.e. Lambda) etc.Firm understanding of cloud console(s) navigation and CLI execution to research and query/validate potential security risks and of security violations. Knowledge with native cloud security services AWS Trusted Advisor, Amazon Inspector/Google Cloud Security Scanner, AWS Configuration
Security Compliance SkillsFamiliarity with security frameworks CSA, NIST, CIS, PCI DSS, etc.Technical skills to identify and assess cloud security vulnerabilities and risksExpertise in researching & evaluating identified vulnerabilities and risks pose to the organizations information and systemsAbility clearly explain identified risks and recommended remediationProduce and communicate appropriate reporting & metrics to stakeholders (owners)
Cloud Security Continuous Monitoring SolutionsDemonstrated experience in administration/management of continuous monitoring solutionsAccount Management: adding/removing cloud accountsSignature Management: tuning of signatures, authoring / deployment of custom signaturesManage continuous monitoring vendors to deliver on the needs of the business
Expertise with Jenkins, JIRA, Confluence
Understanding of containerization (Docker, Kubernetes, Elastic Container Service) and best practices to secure registries, images, workloads, etc.
Ability to clearly communicate technical concepts to all audiences
Youll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering Americas fastest and most reliable network, were leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but were about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.