What you’ll be doing...

The Verizon Corporate Information Security (CIS) organization ensures the confidentiality, integrity and availability of technology assets and information across all Verizon networks, systems and applications. To achieve these goals, CIS integrates cybersecurity governance, policies, technologies and operations across Verizon. The Product Security team within CIS works to embed security seamlessly into the development lifecycle of technology systems and services.

We are looking for an experienced Security Architect to join our Product Security team. As part of the Corporate Information Security organization, you will be responsible for the following primary activities:

  • Lead development of security architecture and design, for a wide range of hardware/ software products and services, built for Verizon business and consumer markets.
  • Lead definition of secure-SDLC (system development lifecycle) and product security maturity model, to adopt a shift-left approach to security.
  • Develop security controls and processes for products developed and deployed in cloud environments.
  • Develop in-depth security architecture, design and coding standards across infrastructure, application and data security, to drive a standardized set of security requirements, and align with internal policies and meet external compliance/regulatory requirements.
  • Perform threat modeling, conduct reviews of security architecture and platform/service designs, and audit source code.
  • Drive open innovation in product security best practices through industry collaboration.
  • Provide product security related coaching and mentoring to elevate security expertise of development teams.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Six or more years of relevant work experience.
  • Experience securing cloud infrastructure and cloud applications.
  • Experience development and application security.

Even better if you have:

  • A degree.
  • Security certifications: CRISC, GSEC, CISA, CISM or CISSP, or willingness to obtain within 9 months of start date.
  • Knowledge of web, mobile, API, microservices, network and security architectures and design patterns.
  • Knowledge of AWS, Azure, GCP and OCI native security tools.
  • In-depth knowledge of application security concepts, best practices and methods
  • Demonstrated knowledge of security best practices, principles, and common security frameworks, such as NIST, ISO, Common Criteria, TCSEC, OWASP, etc.
  • Understanding of security by design principles and architecture level security concepts.
  • Knowledge of current and emerging security technologies, threats and techniques for exploiting security vulnerabilities.
  • Proven experience with methodologies and tools, for threat analysis of complex systems, such as threat modeling and software fuzzing.
  • Experience with penetration testing and vulnerability analysis frameworks and tools.
  • Knowledge of developer tools and environments, project management and bug tracking systems.
  • Ability to assess application security threats and provide mitigations.
  • Experience building secure software based on frameworks such as OWASP, CWE, SANS, OpenSAMM, BSIMM.
  • Experience with various application security tools including SAST, SCA, DAST, Penetration testing, Fuzzing etc.
  • Ability to secure container-centric deployments using Docker & Kubernetes.
  • Prior experience in implementing and integrating security tools into CI/CD.
  • Experience coding in Java, Python, or Go, and at least one scripting language.
  • Experience with data architecture, modeling and integration.
  • Experience with process improvement, automation release management, and system development life cycle (waterfall & agile).
  • Experience with Data security and Governance.
  • Experience driving informed decisions regarding protecting confidentiality, integrity, and availability of data and systems.
  • Experience implementing quantitative risk methodologies.
  • Strong communication, presentation and analytical skills along with the ability to thrive in a dynamic environment and handle multiple priorities.
  • Willingness to travel up to 25%.

When you join Verizon...

You’ll have the power to go beyond – doing the work that’s transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you’ll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we’ll go far.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.