When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

As a Security Analyst with at least 3 years of experience investigating network threats, you’ll handle day-to-day triage, investigation, and mitigation of security threats, as well as short-notice ad hoc work, and see them through to completion on behalf of the government and public sector customers, whose networks we protect and defend. You’ll provide critical value to Verizon's Managed Security Operations Team using your network security research skills and threat analysis to provide context about security events. You'll provide recommendations for remediation actions and suggestions for implementing best practices. You’ll make recommendations to improve standard processes and procedures. Security Analysts provide critical value to the Security Incident and Event Management (SIEM) workflow, leveraging their extensive knowledge to provide context to events. Senior Security Analysts additionally provide recommendations for remediation actions and suggestions for implementing best practices and improving standard processes and procedures.

  • Provide “eyes on glass” near real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing a proprietary SIEM and cybersecurity tools.
  • Perform near real-time health monitoring of alerts and escalate critical alerts in compliance with the service level agreement.
  • Detect security incidents and analyze threats for complex and/or escalated security events.
  • Analyze high volumes of open source and proprietary threat reporting to advise team and customers on IOCs and threat actor TTPs.
  • Recommend proactive threat mitigation to customers.
  • Respond to customer Requests for Information including using Linux command line skills to query raw logs for IOCs, answering questions about the MSS infrastructure, and features of the SIEM including correlation engine while recommending best practices.
  • Develop internal and/or external documentation, such as detailed procedures, playbooks, and runbooks.
  • Review and assess reports concerning operational metrics.
  • Perform level 2 assessment of incoming alerts (assessing the priority of the alert, determining severity of alert in respect to customer environment, correlating additional details) and coordinate with tier III for critical priority incidents, if necessary.
  • Perform incident response activities utilizing customer SIEM and cybersecurity toolkits.
  • Assist with quality control during onboarding of new customers to verify validity of Use Cases and generated alerts.

Where and when you’ll work:

You must be located within commuting distance of our Ashburn, VA or Cary, NC location. Team members currently work 5x8 hour shifts per week with the potential to move to 4x10 hour shifts per week. The position would start off working in the office Monday through Friday 7:00 a.m. - 3:30 p.m. during onboarding and training. The regular working schedule after training will be either Sunday to Thursday or Tuesday through Saturday, 7:00 a.m. - 3:30 p.m. Potential for remote work once training/onboarding is completed.

What we’re looking for...

You'll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Three or more years of relevant work experience.
  • Three or more years of relevant work experience in a threat analyst or security analyst role.
  • Three or more years of experience using a SEM/SIEM for analytics.
  • Must have, or be eligible to obtain and maintain, a U.S. Government Clearance at the GSA Public Trust level.
  • Experience with scripting, parsing, and query development in enterprise SIEM solutions.
  • Experience in tuning use cases & content, driven from day to day optimizations, with understanding of best practices to ensure adjustments do not cause false negatives.
  • Experience analyzing Indicators of Compromise.
  • Experience with incident response techniques related to network forensic analysis.
  • Experience with implementing changes on next generation firewalls including firewall policy & content inspection configuration (FortiManager, FortiGate, Cisco, Palo Alto, Check Point, etc.)
  • Experience following documented processes and procedures.
  • Experience with health and availability monitoring.
  • Experience with Linux command line.

Even better if you have one or more of the following:

  • Five or more years of experience in a Security Analyst position.
  • Incident response experience utilizing different SIEMs and industry best practices.
  • Knowledge of device logging and ingestion, network troubleshooting, and device troubleshooting.
  • Knowledge of threat landscape and indicators of compromise.
  • Knowledge of incident response techniques related to network forensic analysis.
  • Experience investigating security incidents with SIEMs, use case development/tuning, and understanding of incident response.
  • Experience with IPS including analyzing alerts generated by the inspection with consideration to how signatures are written, and how to identify false positives.
  • Experience with implementing changes on next generation firewalls including firewall policy and content inspection configuration (FortiManager, FortiGate, Cisco, Palo Alto, Check Point, etc.)
  • Skilled with Linux command line.
  • Scripting knowledge in one of the following: Python, PowerShell, Bash Shell, Java, Ansible, etc.
  • Security Certifications: SANS GIAC or GCIH, CompTIA Security+, CCNP-Security, Palo Alto CNSE, Fortinet NSE, CySA+, GCED, CEH, or comparable security-related certification(s).
  • Problem solving skills.
  • Proactive in engaging with customers and Verizon management teams.
  • Experience with customer service and supporting service desk functions such as IAM.
  • Ability to communicate clearly and concisely in written and oral English.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

COVID-19 Vaccination Requirement

NYC candidates: Verizon requires new hires to be fully vaccinated against COVID-19 for onsite and hybrid NYC roles. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons). Additional information will be provided during the hiring process.