Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
As a senior member of the enterprise Red Team, you will be responsible to lead in the design and execution of campaign based security testing for Verizon, covering multiple types of targets. Successful applicants must be capable of evaluating environments, applications, systems or processes to discover weaknesses, and subsequently leverage those discoveries into actionable real world attack strategies. You will utilize knowledge of security of operating systems, networking and protocols, firewalls, databases and middleware applications, forensics, scripting and programing to mentor and lead junior technical testers and effectively translate highly technical information to internal customers in a way that supports CIS and broader Verizon goals.
Perform and lead a full scope of Red Team testing; including network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, social-engineering testing, and IDS/IPS/HIDS/HIPS evasion techniques.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Help define the Red Team strategy to further enhance the company’s security posture. Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
Provide risk-appropriate and pragmatic recommendations to correct vulnerabilities found.
Configure and safely utilize attacker tools, tactics, and procedures for Verizon environments.
Develop scripts, tools, or methodologies to enhance Verizon’s red teaming processes.
Assist with scoping and leading exercises.
Drives technical oversight and mentors less experienced staff during penetration and analysis efforts.
Provides leadership and guidance to advance the defensive capabilities of the team and its subsequent ability to defend the Verizon Enterprise.
Where you'll be working...
This role will be based out of any Verizon work location as listed in the posting. In this role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
What we’re looking for...
You’ll need to have:
Bachelor's degree or four or more years of work experience
Six or more years ofrelevant work experience.
Experience in network penetration testing and manipulation of network infrastructure.
Experience in mobile and/or web application assessments.
Experience in email, phone, or physical social-engineering assessments.
Experience in shell scripting or automation of simple tasks using Perl, Python, or Ruby.
Experience developing, extending, or modifying exploits, shellcode or exploit tools.
Experience with source code review for control flow and security flaws.
Experience with Red, Blue, or Purple teaming exercises.
Strong knowledge of tools used for wireless, web application, and network security testing, such as Kali Linux, Metasploit, Burp suite, Core Impact, Cobalt Strike, Nessus, Web Inspect, and Scuba.
Even better if you have:
A degree in a technical field.
Solid understanding of common hosting environments such a containerization platforms (e.g., Docker and Kubernetes) and virtual machines running underhypervisors.
An implementation level familiarity with all common classes of modern exploitation such as: XSS, XMLi, SQLi, etct.
Thorough understanding of network protocols, data on the wire, and covert channels.
Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell.
Programming skills as well as the ability to read and assess applications written multiple languages, such as JAVA, .NET, C#, or others.
Industry certifications such as OSCP/OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.
COVID-19 Vaccination Requirement
Verizon requires new hires to be fully vaccinated against COVID-19. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons).