Principal Cyber Security Engineer
Company: VerizonMedia
Location: Basking Ridge
Posted on: August 5, 2022
|
|
Job Description:
When you join VerizonVerizon is one of the world's leading
providers of technology and communications services, transforming
the way we connect across the globe. We're a diverse network of
people driven by our shared ambition to shape a better future.
Here, we have the ability to learn and grow at the speed of
technology, and the space to create within every role. Together, we
are moving the world forward - and you can too. Dream it. Build it.
Do it here.What you'll be doing...As a Principal Security Engineer,
you will work with a global security team that keeps our
enterprise-class cloud service secure from a variety of threats. We
are looking for an individual contributor who is passionate about
information security and has hands-on experience with projects that
underwent successful FedRAMP and DOD IL-4 authorizations.Be a
member of our global security engineering team responsible for
securing our cloud service.Engage early on with engineering teams
in the software development lifecycle (SDLC) to ensure that designs
and implementations follow security best practices.Drive the
implementation of security controls in the application and the
operating environment to meet the requirements of NIST 800-53-based
programs such asFedRAMP and DOD Impact Levels (IL-4 and up).Work
with third party advisory firms and assessor organizations to
prepare our product offerings for FedRAMP and DOD Impact Level
ATO.Perform Proof of Concept for Security features working closely
with the engineering teams and proactively follow through to
successful implementation in the product.Utilize vulnerability
scanning and application/infrastructure monitoring tools
effectively to improve the Organization's security
posture.Coordinate internal and 3rd party app security, penetration
testing and bug bounty programs. Reproduce reported security bugs
and work with Engineering to address them timely without side
effects.Work closely with Operations, IT, Support and Engineering
teams to monitor and remediate security incidents.Assist Sales and
Sales Engineering with RFP responses related to product security
when required.Be a role model to create a culture of security in
the company.Lead Security Champions MeetingsMentor Junior Engineers
in the teamWhere you'll be working...This hybrid role will have a
defined work location that includes work from home and assigned
office days as set by the manager.What we're looking for...You'll
need to have:Bachelor's degree or four or more years of work
experience.Six or more years of relevant work experience.Experience
designing and securing applications involving Public Cloud like
AWS, Azure, GCP, etc.Experience driving projects where one or more
products obtained successful FedRAMP ATO.Even better if you
have:Five or more years of software development experience with
security focus or as an application security engineer.Programming
experience in a scripting or a high level language.Experience as a
Security Engineer in an Enterprise SaaS-based products
companyExperience with container orchestration frameworks such as
Kubernetes and secure CI/CD processesKnowledge of Transport Layer
protocols such as TCP/TLS and Application layer protocols such as
HTTP, SIP and SRTP.An out of the box thinker who can come up with
good threat models for a design and misuse cases to validate
it.Knowledge of the latest OWASP Top 10 and SANS Top 25
vulnerabilities and the corresponding mitigation
techniques.Experience with tools from 3rd party vendors such as
Tenable, Whitehat and/or open source tools such as Nessus,
Metasploit, Burp Suite, and Nmap.Active membership of Information
Security user groups with security certification (CISSP, CEH,
GWAPT, GPEN, OSCP, etc.) will be an added plusGood communications
skills to work effectively with cross functional teams involving
Engineering, Support, Operations, Program Management and IT -
especially when leading an emergency patch development and
deployment.Equal Employment OpportunityWe're proud to be an equal
opportunity employer - and celebrate our employees' differences,
including race, color, religion, sex, sexual orientation, gender
identity, national origin, age, disability, and Veteran status. At
Verizon, we know that diversity makes us stronger. We are committed
to a collaborative, inclusive environment that encourages
authenticity and fosters a sense of belonging. We strive for
everyone to feel valued, connected, and empowered to reach their
potential and contribute their best. Check out our diversity and
inclusion page to learn more.COVID-19 Vaccination RequirementNYC
candidates: Verizon requires new hires to be fully vaccinated
against COVID-19 for onsite and hybrid NYC roles. Verizon provides
reasonable accommodations consistent with legal requirements (e.g.,
for medical or religious reasons). Additional information will be
provided during the hiring process.
Keywords: VerizonMedia, Newark , Principal Cyber Security Engineer, Engineering , Basking Ridge, New Jersey
Click
here to apply!
|