What you’ll be doing...

As a Sr. Security Engineer, you will drive the integration of cybersecurity governance, policies, technologies, and operations across the Skyward product portfolio. You will work to embed security practices and risk management seamlessly into the development lifecycle of technology, systems, and services. You will be a trusted advisor to the engineering team, and have direct influence over elevating the security standards of the product and engineering department.

We are looking for an experienced Sr. Security Engineer to join our Skyward team and assist us in building security into the product, infrastructure, and processes.

  • Lead development of security architecture and design, for a wide range of hardware/ software products and services, built for Skyward business and consumer markets.

  • Develop security controls and processes for products developed and deployed in cloud environments.

  • Collaborate with Engineering to develop an in-depth security architecture, design and coding standards across infrastructure, application and data security, to drive a standardized set of security requirements, and align with internal policies and meet external compliance/regulatory requirements.

  • Perform threat modeling, conduct reviews of security architecture and platform/service designs, and audit source code.

  • Drive open innovation in product security best practices through industry collaboration.

  • Provide product security related coaching and mentoring to elevate security expertise of development teams.

  • Provide program management in driving security compliance initiatives such as SOCII and FIPS..

  • Collaborate with Product Management to prioritize security projects and assist in building security backlogs for Engineering teams to execute against.

  • Build relationships with Verizon InfoSec teams to align on best practice and internal policies and processes.

  • Collaborate with departments outside of Engineering, such as Sales, to help drive customer opportunities and answer application security questions.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree or four or more years of work experience.

  • Six or more years of relevant work experience.

  • Five or more years of security focused work experience.

  • Security certifications: CRISC, GSEC, CISA, CISM or CISSP, or willingness to obtain them within 9 months of start date.

  • Five or more years of experience with Data security and Governance.

  • Five or more years of experience working with security best practices, principles, and common security frameworks, such as NIST, ISO, Common Criteria, TCSEC, OWASP, etc.

Even better if you have:

  • In-depth knowledge of application security concepts, best practices and methods.

  • Experience securing cloud infrastructure and cloud applications.

  • Experience in development and application security.

  • Experience with container-centric deployments using Docker & Kubernetes.

  • Experience implementing and integrating security tools into CI/CD.

  • Experience coding/scripting at least one language such as Java, Python, Ruby, or Go.

  • Knowledge of AWS native security tools.

  • Knowledge of web, mobile, API, Microservices, network and security architectures and design patterns.

  • Experience with data architecture, modeling and integration.

  • Understanding of security by design principles and architecture level security concepts.

  • Knowledge of current and emerging security technologies, threats and techniques for exploiting security vulnerabilities.

  • Experience with methodologies and tools, for threat analysis of complex systems, such as threat modeling and software fuzzing.

  • Knowledge of developer tools and environments, project management and bug tracking systems.

  • Experience building secure software based on frameworks such as OWASP, CWE, SANS, OpenSAMM, BSIMM.

  • Experience with various application security tools including SAST, SCA, DAST, Penetration testing, Fuzzing etc.

  • Experience with process improvement, automation release management, and system development life cycle (Waterfall and Agile).

  • Experience implementing quantitative risk methodologies.

  • Communication, presentation and analytical skills along with the ability to thrive in a dynamic environment and handle multiple priorities.

When you join Verizon...

You’ll have the power to go beyond – doing the work that’s transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you’ll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we’ll go far.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.