Engineer II, Security Engineer

When you join Verizon

You want more out of a career. A place to share your ideas freely even if theyre daring or different. Where the true you can learn grow and thrive. At Verizon we power and empower how people live work and play by connecting them to what brings them joy. We do what we love driving innovation creativity and impact in the world. Our V Team is a community of people who anticipate lead and believe that listening is where learning crisis and in celebration we come together lifting our communities and building trust in how we show up everywhere & always. Want in Join the #VTeamLife.

The GN&T Network Security team is looking for a highly motivated and experienced Cybersecurity Engineer to join the Network Security Defense team. The Defense teams are responsible for owning the security lifecycle and effectiveness across the Core Edge and Access networks as well as all systems and network functions within GN&T.

In this role you will be critical in advancing our security posture through real-time Threat Monitoring & Detection using SIEM tools like Splunk leading Incident Response efforts during a breach and managing the continuous Vulnerability Management lifecycle across networks and applications. The position also requires expertise in defining and implementing robust Security Architecture including firewalls encryption centralized Identity and Access Management and Multi-Factor Authentication (MFA). A strong candidate will also possess advanced Threat Hunting skills including Advanced Networking & Protocol Analysis Endpoint & Memory Forensics Data Science & Querying and demonstrable experience in Automation & Scripting to enhance our Cybersecurity tooling.

• Identifying technology gaps to lead in the design architecture and implementation of appropriate security solutions.

• Creating formal guidelines policies and procedures to ensure smooth and error-free operations.

• Implementing strategic solutions in a highly scalable environment.

• Partner across the Operations Engineering and Planning organizations to ensure secure design patterns are embedded into new deployments and major changes

• Working independently on strategic technical challenges.

• Identifying opportunities to mentor junior engineers guide and delegate technical documentation/tasks to support the team and broader organization.

• Communicating clearly and effectively articulating complex technical concepts to diverse internal and external audiences.

• Assisting network security incident response activities including triage containment eradication and recovery for disruptive threats

• Assisting with building and refining incident playbooks and response runbooks ensuring repeatable workflows for high-impact scenarios (ransomware phishing insider threat DDoS etc)

• Serving as escalation support for security related investigations providing expert-level analysis and guidance during active incidents

• Executing root cause analysis and produce clear incident reports outlining timeline impact evidence and remediation recommendations

• Conducting proactive threat hunting across the identity endpoint network telemetry to uncover adversary behavior and reduce dwell time

• Creating and tune threat detections using SIEM (Security Information and Event Management) to improve alert fidelity and reduce false positives

• Driving continuous improvement of network visibility and telemetry collection to strengthen detection and response capabilities

• Performing regular security control assessments validating configuration effectiveness and closing gaps discovered during incidents or hunts

Where youll be working...

In this hybrid role youll have a defined work location that includes work from home and assigned office days in one of the offices listed for this order to be eligible to apply for this position you must be within commuting distance of one of those locations.

What were looking for...

Youll need to have:

• Bachelors degree or Four or more years of relevant work experience.

• Two or more years of relevant work experience demonstrated through one or a combination of work and/or military experience or specialized training.

• Familiarity with Identity and Access Management (IAM) solutions.

• Strong foundational knowledge of incident response lifecycles (NIST or SANS) with experience designing testing and maintaining automation playbooks using SOAR platforms to automate triage and response actions.

• Strong ability to write complex optimized SPL (Splunk Search Language) searches including macros data models and lookups for efficient threat hunting and investigation.

• In-depth experience with risk-based alerting managing notable events asset/identity correlation and defining/tuning correlation searches.

• Experience in developing testing and maintaining automation playbooks using Python/API integrations and Splunk SOAR (Security Orchestration Automation and Response) to automate triage and response actions.

• Expert in conflict resolution and negotiation to ensure that design strategy and decisions consistently support security requirements.

Even better if you have one or more of the following:

• Certifications such as CCSP CySA GSOC GCDA Cisco Certified CyberOps or equivalent SIEM/SOC certifications

• Experience with networking (especially Internet-related protocols) and network and information security. Networking certifications such as Palo Alto PCNSE Cisco CCNP or CCNA.

• Strong working knowledge of incident response frameworks and methodologies like NIST 800-61 and MITRE ATT&CK

• Experience with big-data analytical tools such as Elasticsearch for automating security deployments and compliance checks.

• Ability to run & interpret network scans using tools such as Tenable Nessus Qualys Rapid7 InsightVM or OpenVAS. Ability to interpret CVSS scores and prioritize risk.

• Four or more years of hands-on experience working with internet-scale data sets such as Netflow BGP DNS and IDS logs.

• Knowledge and experience in one or more of statistics data visualization anomaly detection machine learning and system administration.

• Knowledge of network-based system-level and application-layer attacks and mitigation methods.

• Experience with a variety of leading SQL and NoSQL technologies UNIX or Linux systems engineering expertise with a variety of variants and security tools including Firewalls VPNs IDS/IPS DDoS mitigation and encryption for data in transit (e.g. IPsec or TLS) and at rest.

If Verizon and this role sound like a fit for you we encourage you to apply even if you dont meet every even better qualification listed above.

Scheduled Weekly Hours

Equal Employment Opportunity

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status disability or other legally protected characteristics.

Benefits and Compensation

Our benefits are designed to help you move forward in your career and in areas of your life outside of Verizon. From health and wellness benefit options including: medical dental vision short and long term disability basic life insurance supplemental life insurance AD&D insurance identity theft protection pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan up to 8 company paid holidays per year and up to 6 personal days per year paid parental leave adoption assistance and tuition assistance plus other incentives weve got you covered with our award-winning total rewards package. Depending on the role employees have the opportunity to receive compensation in the form of premium pay such as overtime shift differential holiday pay allowances etc. Newly hired employees receive up to 15 days of vacation per year which grows with additional service. For part-timers your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.