When you join Verizon
Verizon is a leading provider of technology, communications, information and entertainment products, transforming the way we connect across the globe. We're a diverse network of people driven by our ambition and united in our shared purpose to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward - and you can too. Dream it. Build it. Do it here.
What you'll be doing...
The Verizon Cyber Risk Programs-AppCert Consultant III, will primarily provide services to clients related to assessing application security through a programmatic approach while also validating security controls related to an application's software development life cycle. The position will also be expected to support Cyber Risk Program clients. The Consultant will provide leadership, coaching, and mentoring to a team of Professional Services Cyber Security Consultants and others, responsible for the delivery of the Cyber Risk Programs (CRP), Application Security Certification Program, and Cloud Security Risk Assessment Program.
Schedule assessments that are consistent with contractual requirements.
Conduct assessments and deliver reports that are consistent with contractual requirements.
Speak with and present to technical teams as well as C level executives.
Write technical reports and interpret results.
Validate controls according to industry standards and best practice.
What we're looking for...
You have a deep background and experience with understanding how to quantify application security threats, risks & vulnerabilities and business impact variables, and how to prioritize risk initiatives based on business need, compliance & regulatory requirements, and risk reduction. You are a security expert in application security testing and control validation while willing to support other teams delivering security services we offer on a global basis.You'll need to have:
Bachelor's degree or four or more years of work experience.
Four or more years of relevant work experience.
Experience delivering and leading technical services in cyber security governance, risk, and compliance, audits & assessments, or support & delivery of IT/Cyber security services, methods and practices.
Experience in IT/Cyber Application Security.
Experience with Governance, Risk & Compliance assessment/audit role.
Knowledge of Application Security, Risk & Compliance with ability to adapt and map to multiple other frameworks.
Industry Certifications of at least one or more related to application security such as GWAPT, OSWE, GWEB, GMOB, GXPN.
Industry Certification of CISSP, CISM, and/or CCSP.
Experience in translating information security controls, policies and requirements into actionable operational policies, processes & procedures and cyber security technology solutions.
Valid Driver's license.
Willingness to travel both domestically and internationally up to 25% of the time.
Even better if you have one or more of the following:
Masters in a relevant subject matter such as Cyber/Application Security.
Multiple industry recognized IT Security Certification / Certificates from SANS, ISACA, ISC (2), CSA vendors specific to Risk Assessments, Auditing & Risk Management, Cloud Security, Application Security, Vulnerability Management, Financial & HealthCare industry security and penetration testing.
Excellent communication and presentation skills, and comfortable and competent in presenting to both technical engineers and to "C" level executives.
Experience with security controls, security and risk frameworks and tools/platforms such as Unified Compliance Frameworks, Alyne, ISO, NIST, VERIS, OWASP, FFIEC, FAIR, etc. and mapping of risk assessment activities to multiple risk and compliance frameworks.
Experience in delivery or supporting large & complex global cyber security enterprise networks.
Public speaking experience and skills in developing and presenting cyber security topics to a diverse audience both in person and via "virtual" means such as web conferencing.
Business or service design, development or scripting/programming experience.
Strong level of experience with standard office applications such as Google Suite, Microsoft Office Suite, Slack, video/web conferencing tools and platforms.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion (~~~) page to learn more.