Principal Cyber Security Engineer in Ashburn, VA
Posted on: November 20, 2022
When you join Verizon
Verizon is one of the world's leading providers of technology and
communications services, transforming the way we connect across the
globe. We're a diverse network of people driven by our shared
ambition to shape a better future. Here, we have the ability to
learn and grow at the speed of technology, and the space to create
within every role. Together, we are moving the world forward - and
you can too. Dream it. Build it. Do it here.
What you'll be doing...
As a Principal Security Engineer, you will work with a global
security team that keeps our enterprise-class cloud service secure
from a variety of threats. We are looking for an individual
contributor who is passionate about information security and has
hands-on experience with projects that underwent successful FedRAMP
and DOD IL-4 authorizations.
- - Be a member of our global security engineering team responsible
for securing our cloud service.
- - Engage early on with engineering teams in the software
development lifecycle (SDLC) to ensure that designs and
implementations follow security best practices.
- - Drive the implementation of security controls in the
application and the operating environment to meet the requirements
of NIST 800-53-based programs such asFedRAMP and DOD Impact Levels
(IL-4 and up).
- - Work with third party advisory firms and assessor organizations
to prepare our product offerings for FedRAMP and DOD Impact Level
- - Perform Proof of Concept for Security features working closely
with the engineering teams and proactively follow through to
successful implementation in the product.
- - Utilize vulnerability scanning and application/infrastructure
monitoring tools effectively to improve the Organization's security
- - Coordinate internal and 3rd party app security, penetration
testing and bug bounty programs. Reproduce reported security bugs
and work with Engineering to address them timely without side
- - Work closely with Operations, IT, Support and Engineering teams
to monitor and remediate security incidents.
- - Assist Sales and Sales Engineering with RFP responses related
to product security when required.
- - Be a role model to create a culture of security in the
- - Lead Security Champions Meetings
- - Mentor Junior Engineers in the team
Where you'll be working...
This hybrid role will have a defined work location that includes
work from home and assigned office days as set by the manager.
What we're looking for...
You'll need to have:
- - Bachelor's degree or four or more years of work experience.
- - Six or more years of relevant work experience.
- - Experience designing and securing applications involving Public
Cloud like AWS, Azure, GCP, etc.
- - Experience driving projects where one or more products obtained
successful FedRAMP ATO.
Even better if you have:
- - Five or more years of software development experience with
security focus or as an application security engineer.
- - Programming experience in a scripting or a high level
- - Experience as a Security Engineer in an Enterprise SaaS-based
- - Experience with container orchestration frameworks such as
Kubernetes and secure CI/CD processes
- - Knowledge of Transport Layer protocols such as TCP/TLS and
Application layer protocols such as HTTP, SIP and SRTP.
- - An out of the box thinker who can come up with good threat
models for a design and misuse cases to validate it.
- - Knowledge of the latest OWASP Top 10 and SANS Top 25
vulnerabilities and the corresponding mitigation techniques.
- - Experience with tools from 3rd party vendors such as Tenable,
Whitehat and/or open source tools such as Nessus, Metasploit, Burp
Suite, and Nmap.
- - Active membership of Information Security user groups with
security certification (CISSP, CEH, GWAPT, GPEN, OSCP, etc.) will
be an added plus
- - Good communications skills to work effectively with cross
functional teams involving Engineering, Support, Operations,
Program Management and IT - especially when leading an emergency
patch development and deployment.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our
employees' differences, including race, color, religion, sex,
sexual orientation, gender identity, national origin, age,
disability, and Veteran status. At Verizon, we know that diversity
makes us stronger. We are committed to a collaborative, inclusive
environment that encourages authenticity and fosters a sense of
belonging. We strive for everyone to feel valued, connected, and
empowered to reach their potential and contribute their best. Check
out our diversity and inclusion page to learn more.
COVID-19 Vaccination Requirement
NYC candidates: Verizon requires new hires to be fully vaccinated
against COVID-19 for onsite and hybrid NYC roles. Verizon provides
reasonable accommodations consistent with legal requirements (e.g.,
for medical or religious reasons). Additional information will be
provided during the hiring process.
PandoLogic. Keywords: Information Security Engineer, Location:
Reston, VA - 20191 , PL: 551741516
Keywords: Verizon, Reston , Principal Cyber Security Engineer in Ashburn, VA, Other , Reston, Virginia
Didn't find what you're looking for? Search again!