Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.
What you’ll be doing...
The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.
The Sr. Principal Security Architect will be a critical member of the Platform Security team in CIS that supports strategic platforms such as MEC and ThingSpace that drive the industry forward in the world of connected devices, users and enterprises.
We are looking for an experienced and energetic thought leader in the industry that is at the forefront of solving tough cybersecurity problems at the intersection of business and technology. This individual will enable business opportunities with creative solutions and ensure Verizon business partners and customers can adopt the emerging technologies with confidence. The Sr. Principal Security Architect is a resource to technology teams to drive innovative solutions that defend the platforms from ever-evolving security threats. You should have significant working experience, knowledge and accreditation in the design, implementation and operation of security controls.
Innovative approaches in support of business use cases with a defense in depth.
Security controls on the devices for strong identity/trust, firmware security, and software integrity solutions.
Network segmentation and security controls to provide visibility, risk mitigation, threat detection and mitigations.
Security services in the cloud to enable a connected eco-system of devices, gateways, cloud platforms and users.
Experience integrating security in an Agile development or DevOps environment with Focus on security-as-code and continuous compliance practices.
Anticipate controls in a Product for customer requirements that may come from industry verticals or market segments.
Experience with defining operational models and procedures for business solutions including the administration and maintenance of infrastructure and application security controls.
Knowledge of common information security standards such as: ISO 27001/27002, NIST CSF, CSA and CIS Controls.
Mentor and train Product teams on security practices, work with industry peers on advancing industry wide solutions.
Where you’ll be working:
In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
What we’re looking for...
You'll need to have:
Bachelor’s degree or four or more years or work experience.
Six or more years of relevant work experience.
Experience in complex architectural areas that span multiple disciplines.
Even better if you have:
Knowledge of tools and techniques used by attackers to gain entry into corporate networks, industrial systems, consumer devices, and IT systems.
Demonstrated knowledge on threat landscapes and threat modeling, security threat and vulnerability management, and security monitoring.
Broad technical experience in several security disciplines including OT/IT endpoint and platform (Unix/Linux/Windows, mobile) controls, encryption/tokenization, identity and access management, PKI, data protection, network segmentation, and security tooling integration in complex environments.
Experience within the transformation of traditional data center security measures into hybrid and Cloud deployment (AWS, GCP, Azure.)
Experience in network security including web proxies, reverse proxies, load balancing, IDS/IPS, firewall, wireless, and remote connectivity.
Experience advising customers on enterprise and security architectures for meeting industry standards such as SOX, PCI, ISO 27001, HIPAA, and NIST/DoD frameworks.
Ability to draft and contribute to enterprise security policy.
Experience building security reference architectures for complex information systems based on industry frameworks and with traceable alignment to business requirements and goals.
Experience developing security controls, processes, or tools for products developed and deployed in cloud, container, and big data environments.
Knowledge of developer tools and environments, project management and bug tracking systems and experience coding in Java, Python, or Go, and at least one scripting language.
Ability to analyze and identify risks in network and system designs and communicate with key stakeholders to address the risk and drive a solution.
Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences.
Subject matter expertise in consumer and Internet privacy and trust.
Communication, presentation and analytical skills along with the ability to thrive in a dynamic environment and handle multiple priorities.
Influencing and partnering skills to address complex industry wide problems.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.
COVID-19 Vaccination Requirement
Verizon requires new hires to be fully vaccinated against COVID-19. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons).