What you'll be doing...
The Product Security team within Verizon's Corporate Information Security (CIS) organization works to embed security seamlessly into the development lifecycle of technology systems and services. We are looking for a Security Engineer who can enable product teams to deliver secure-by-design applications and infrastructure, by providing cybersecurity expertise and guidance throughout the system development life-cycle.
What we're looking for...
- Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components, and help product teams identify solutions that meet security requirements.
- Provide subject matter expertise on secure design & coding practices, assist in building and rolling out related guidelines and standards, perform manual source code reviews for high risk components
- Build secure code library (security code snippets, common libraries, cryptographic libraries)
- Evaluate and operationalize security tools by integrating with the development environment and commit/build pipelines
- Have significant penetration testing experience and offensive capabilities in numerous core competency areas including web applications, mobile applications, networks, infrastructure (cloud and on-prem).
- Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls
- Assist in incident response by providing tier-3 engineering support to remediate critical security bugs in production environments
You'll need to have:
- Bachelor's degree or four or more years of work experience.
- Four or more years of relevant work experience.
- Technical experience in application security.
Even better if you have:
- A degree in Computer Science, Computer Engineering or a related field.
- Certifications: One or more of the following GIAC, CISSP, CSSLP, OSCP, CCSP.
- Working knowledge of secure coding principles, application security vulnerabilities, and countermeasures.
- Experience with application programming and the overall software development life cycle.
- Experience in Cloud security including AWS.
- Experience implementing DevSecOps pipelines.
- Experience in hands-on software development: Python, PERL, Ruby, Go, C, etc.
- Experience working with SQL languages: Postgres, MySql, Maria, etc.
- Experience working with deployment tools: Ansible, Chef, Puppet, etc.
- Experience working with Open Source code.
- Knowledge with Git (or other repositories) and version control best practices.
- Experience in converting manual processes into automated processes.
- Experience with cloud-based solutions.
- Experience with Agile methodologies.
- Ability to translate requirements into understandable deliverables.
- Excellent verbal and written communication skills.
- Programming and computer skills with emphasis on application development.
- Willingness to travel 25% or less.
22CyberOPSWhen you join Verizon...
You'll have the power to go beyond - doing the work that's transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you'll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we'll go far.Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.
Posting ID: 559414748Posted: 2020-07-14