Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We’re a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Network Security Planning (NSP) team is seeking a Senior Vulnerability Management Architect to lead development of end-to-end security architectures and roadmaps for Verizon’s vulnerability management capabilities such as software scanning, network vulnerability scanning and on-demand self-service security scanning. The Senior Vulnerability Management Architect will also support architecture and roadmap development for Verizon’s key systems such as its 4G/5G networks, intelligent Edge Network (iEN), IoT networks and devices, and big data/cloud. The Vulnerability Management Architect will use their knowledge of vulnerability management to ensure Verizon has managed all significant security risks and eliminated redundant security capabilities. The Vulnerability Management Architect will also work with academic and research institutions to identify and mitigate long-term security threats affecting vulnerability management.
As a member of the NSP team, you will work in a fast-paced environment focused on planning and managing security risk for Verizon’s most critical systems. You will interact with architecture and design teams building and operating new systems, security engineering and operations teams, and the Verizon CISO organization to ensure the team’s recommendations align with policy and security best practices. You will ensure the team collaborates with vendors and the broader security community to stay up to speed on the latest security developments and ensure their future capabilities align with Verizon’s needs.
As the Service Owner, define objectives, technical work, and timeline for developing architectures, roadmaps, and requirements for vulnerability management capabilities such as software scanning, network vulnerability scanning and on-demand self-service security scanning.
Develop architectures, roadmaps for future capabilities/enhancements, and requirements for vulnerability management capabilities across the on-premise and cloud environments that power Verizon’s network.
Research and conduct POCs with new vendors to determine what new capabilities are viable and what could/should be on the roadmap.
Execute RFIs/RFPs when it is time to reevaluate vulnerability management vendors and select the winning vendor.
Document vulnerability management capabilities and deployments in artifacts such as high-level designs (HLDs) and low-level designs (LLDs).
Shepherd deployments of vulnerability managmenet capabilities through the Network Implementation process
Collect feedback from stakeholders and users of the vulnerability management capabilities and incorporate that feedback into the roadmap so the service continually improves.
Create metrics/KPIs to show how the service is improving security over time.
Support development of security architectures, roadmaps, and requirements for key Verizon systems by documenting how your security capabilities will support and protect them.
Build relationships with program, engineering, operations, security, and CISO teams to understand how to develop plans that effectively manage Verizon’s security risks.
Communicate progress, findings, and ensure successful handoff of deliverables to program and operational teams.
Build domain knowledge of Verizon’s environment to understand long-term risk areas that will develop as the systems evolve.
Provide thought leadership by participating in network and security forums and collaborating with academic and research institutions.
What we’re looking for...
You’ll need to have:
Bachelor’s degree or four or more years of work experience.
Six or more years of relevant work experience.
Experience in the vulnerability lifecycle, impact modeling and mitigation.
Experience using vulnerability management metrics and standards such as CVE, CCE, CPE, CVSS.
Even better if you have:
A degree in a STEM field, (Computer Science, Electrical Engineering, or Computer Engineering).
CISSP or SANS GIAC GCIA certification.
Experience with scanning tools such as Tenable/Nessus.
Awareness of emerging threats and attacks mapped to effective mitigating controls.
Sound awareness of leading vendor products/applications to include product lifecycle & release schedules.
Subject matter expertise (SME) in one or multiple functional areas such as UNIX, Linux, Containers, Virtualization and Cloud.
Strong written and oral communication skills.
Ability to work independently on multiple high priority projects.
Ability to manage multiple high-visibility, complex technical projects.
Strong problem-solving skills.
Knowledge with the security domains of security engineering, IAM, asset/network security, software development, assessment, testing, and operations.
Knowledge with key Verizon system areas such as LTE, 5G, routing, switching, optical networks, IoT, big data, artificial intelligence, machine learning, cloud computing, etc.
Experience building security architecture, roadmaps, and program requirements.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best.Check out our diversity and inclusion page to learn more.