Engr IV-Security Engrg

When you join Verizon

You want more out of a career. A place to share your ideas freely even if theyre daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

What youll be doing...

The Verizon Cyber Security (VCS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.

The Platform Security team within Verizons Cyber Security (VCS) organization works to embed security seamlessly into the development and operations lifecycle of technology systems and services.

We are looking for an experienced DevOps Automation Engineer to work collaboratively and creatively in the Security Scanning Center of Excellence Automation team to help integrate security into Agile/DevOps strategy and practices by using DevSecOps principles, processes and tools. You will also build automation/ infrastructure as code to enforce cloud infrastructure security. You will automate security processes into CI/CD pipeline. You will automate integrating security scan reports into dashboards.

• Building and maintaining DevSecOps pipelines to adopt shift-left paradigm for security testing (SAST, DAST, MAST, SCA, Container Scanning, API Security etc.).

• Developing and promoting best practices for DevSecOps and secure CI/CD.

• Enabling innersource model for secure pipeline scripts.

• Developing automation solutions for scans reporting and dashboard integrations.

• Staying up-to-date on new security tools & techniques, and act as driver of innovation and process maturity.

• Conducting research and evaluate new DevSecOps platforms, components, tools, and processes for new projects and ongoing initiatives.

• Collecting security-related metrics and increase security visibility across the organization.

• Deploying and manage security tools to cloud infrastructure platforms such as Google Cloud or AWS,through automation using infrastructure-as-code principles.

• Working with teams to bring continuous improvement to DevSecOps processes and tools.

What were looking for...

Youre driven to pinpoint a problem and tenacious about finding a solution. Youre organized and pay attention to details. You are the person that others rely on. You are accountable and follow through with a sense of urgency.

Youll need to have:

• Bachelors degree or four or more years of work experience.

• Four or more years of relevant work experience.

• Three or more years of SRE and/or DevOps experience.

• Experience as a full stack developer, with hands-on experience in DevSecOps practices.

• Experience with CI/CD tools such as GitLab, Jenkins, Nexus, Artifactory.

• Experience with software security, secure coding, or software assurance tools and techniques.

• Experience with software development or scripting with at least one of these programming languages - Java, Node JS, or Python.

• Knowledge of Agile & DevOps methodologies.

Even better if you have one or more of the following:

• A Masters degree.

• Certifications: One or more of the following CISSP, CISM, CRISC, GSEC.

• Experience with API and platform integration.

• Experience with tools and technologies used throughout secure SDLC (e.g. Fortify, Checkmarx,

• Veracode, WhiteSource, Blackduck).

• Proven track record of securely architecting and owning cloud platforms such as (AWS, GCE, Azure)

• using Infrastructure as code techniques.

• Experience with Linux Containers (Docker), Kubernetes, and deployment of containerized applications/microservices architectures.

• Experience in software development.

• Experience in Information Security, Networking or Security Risk Management.

• Experience with Cloud Security (AWS, GCS, Azure).

• Experience with ISO 27001-2, NIST 800-53, or other controls standards.

• Excellent documentation and organization skills.

• Ability to multitask, take direction, prioritize, and manage multiple activities / tasks to achieve objectives.

• Excellent oral, written, and interpersonal skills. Ability to present and communicate to both superiors and peers.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you dont meet every even better qualification listed above.

Where youll be working

Scheduled Weekly Hours

Equal Employment Opportunity

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.