What you’ll be doing...

Join our Application Security team where you will perform detailed, technical and nontechnical risk and vulnerability assessments of relevant technology focus areas and prepare reports with recommended remediation strategies/solutions. You will use manual penetration testing in addition to using tools and analyzing the results to determine the risk level based on a number of predetermined factors.

You will also perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) on new applications or when an application or system undergoes a major change. You will use threat modeling tools to determine major risks associated with applications. You will work a variety of security projects, including DevSecOps to continue to drive the shift-left mentality of the application teams. You will analyze DAST policies and configurations specifically related to enterprise implementation and evaluate compliance with regulations and organizational directives. Additionally, you meet with application development teams to reinforce security requirements as they relate to their Web Applications and Manual Penetration Assessments.

What we’re looking for...

You’ll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Three or more years of relevant work experience.
  • Experience with Dynamic Application Security Testing (DAST).
  • Experience with Penetration Testing using manual tools such as Burpsuite, sqlmap, ZAP, etc.

Even better if you have:

  • Master’s degree.
  • Four or more years of relevant work experience.
  • Experience with application development.
  • Knowledge of the SDLC, continuous build systems and other software engineering methodologies/systems.
  • Knowledge of system and application security threats, vulnerabilities and secure configuration management techniques, software debugging principles, software design tools, methods, and techniques, software development models and secure coding techniques.
  • Ability to make recommendations regarding the selection of cost-effective security controls to be implemented beyond DAST evaluation.
  • Experience conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Knowledge of basic network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Ability to discern the protection needs (i.e., security controls) of information systems and networks.
  • Familiar with secure test plan design (e. g. unit, integration, system, and acceptance).
  • Knowledge of critical infrastructure systems with information technology that were designed without system security considerations.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Strong organization skills and demonstrated ability to manage multiple, often conflicting priorities to successful completion.

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.