What you’ll be doing...
The Principal Cloud Security Engineer is a member of the Information Security team who collaborates with a number of project and IT organizations across the Verizon family. This individual will partner with Merger & Acquisition teams reviewing applications, infrastructure, process, and practices currently in use by organization being on-boarded. This individual will also work with existing IT infrastructure and development teams within Verizon to implement sound practices across multiple security domains.
- Be an integral part of the Verizon M&A team conducting security design reviews on existing applications and technologies in use by on-boarding organizations and offer plans for remediation, recommendations, and technical compensating controls.
- Review IaaS, PaaS, and SaaS offerings in-use by partner organizations and drive alignment with existing Verizon IT security and privacy policies, working with internal and external stakeholders to design compensating controls and/or product feature enhancements.
- Design, recommend, and implement information security controls and policies for IT and Cloud environments - CASB management, proxy server management, firewall management, data protection (DLP, encryption), user account management (SSO, SAML), and encryption key management.
- Guide project teams with the right encryption standards for Web services, APs, SSO, etc.
- Provide security best practices for data systems in AWS, Oracle, Azure, and GCP ensuring integrity and confidentiality of Verizon’s sensitive data.
- Work with enterprise architects and developers to design optimal security practices to incorporate into new functionality.
- Mitigate security risks associated with projects that have a high technical complexity or involve significant challenges to the business.
- Communicate technical security concepts to other IT audiences including developers, architects, and leadership.
- Ensure new infrastructure and system builds include appropriate security packages, tools, logging, and monitoring applications.
- Provide detailed risk and remediation guidelines to M&A teams and other IT project stakeholders.
- Support governance, risk management, and compliance activities.
What we’re looking for...
You'll need to have:
- Bachelor's degree or four or more years of work experience.
- Six or more years of relevant work experience.
- Information Security certification - CISSP, GIAC, CISA, or related.
- Information security experience.
Even better if you have:
- BA / BS Degree - preferably in Computer Science, Information Security, Cyber Security, Engineering, or Information Technology.
- 6+ years of information security experience, ideally 10+ years of experience.
- 5+ years technical experience in at least one of the areas below:
- Hands-on technical network experience including enterprise level proxy server and/or firewall implementation.
- Hands-on technical experience with enterprise-level directory services (Active Directory, LDAP).
- 2+ years of experience in the areas below:
- Systems engineering roles supporting public or private clouds
- AWS, Azure, or GCP deployments and services (IAAS, PAAS, Automation, Orchestration).
- Familiarity with network architecture and topologies.
- Demonstrated track record of success in helping enterprise customers deploy important workloads to the cloud in a secure and compliant manner
- Familiarity with APIs, web services (RESTful and SOAP), and service oriented architecture (SOA).
- Exceptional verbal and written communications skills.
- Desire to work in a highly dynamic, rapidly changing environment.
- Experience advising customers on architectures meeting industry standards such as PCI DSS, ISO 27001, HIPAA, and NIST/DoD frameworks.
- Demonstrated effectiveness working across multiple business units to achieve results
- Expert understanding of a wide range of IT system components including architecture, authentication, connectivity, system hardware and software components, virtualization, cloud computing, and mobile.
- Ability to understand and suggest changes to system design choices in light of corporate security policy considerations and industry best security practices.
- Advanced ability to manage relationships with other business unit and external vendor stakeholders when IT security risks are present and system or process changes must be made to mitigate risk.
- Expert understanding of IT process modeling to determine risk to corporate systems. Ability to suggest appropriate controls based on corporate tolerance for risk.
When you join Verizon...
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer- and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Click here for more info: http://www.verizon.com/about/work/jobs/8007895-principal-cloud-security-engineer
• Post ID: 15181632 littlerock