SkillBridge - Product Security Engineer

Company: Verizon
Location: Cary
Posted on: March 15, 2023

Job Description:

When you join Verizon Verizon is one of the world's leading providers of technology and communications services, transforming the way we connect across the globe. We're a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward - and you can too. Dream it. Build it. Do it here.What you'll be doing... As a product security engineer, you will work to conduct security assessments on both Consumer and Business products and solutions. You will help to create, define, and implement security controls and tooling in conjunction with product development teams and product owners. The appropriate candidate will manage multiple projects with a degree of impact and complexity that must be carefully controlled to support the internal business unit security requirements.The candidate will also work in conjunction with security stakeholders in other areas of the business and make decisions and help lead initiatives to ensure timely delivery of security solutions that support business objectives. The successful candidate will also manage work that involves coordination with multiple organizations and is the focal point within the group.The candidate will often work with little or no supervision, and will regularly be given high-level directives and allowed to work independently to satisfy the requirements.Responsibilities Include:

• Help implement Secure Software Development Lifecycle (SSDLC) practices and use automation where possible
• Work with the product teams to perform security design/code reviews and vulnerability assessment
• Provide security guidance to Engineering and Product teams.
• Build threat models and conduct risk assessments for new features and services.
• Create application threat models and provide guidance on effective countermeasures
• Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology
• Provide subject matter expertise on encryption, security controls, and secure design and programming practices across the Technology organization
• Contribute to security policy, standards, and guidelines related to Information Security
• Evaluate and operationalize new technologies for securing the organization
• Train and mentor Security Champions throughout the development
• Share thought leadership in the product and application security space
• Create security user stories and security test cases for products that are tailored to the product attributes and technology
• Support and advise product owner and product development teams by ensuring technical and architectural feasibility, readiness and compliance.
• Work with secure SDLC, governance and compliance for PCI, FedRAMP and NISTWhere you'll be working...In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.What we're looking for... You'll need to have...
  • This opportunity is for Military personnel who are current participants of the Department of Defense SkillBridge Program
  • Bachelor's degree or four or more years of work experience.
  • Six or more years of relevant work experience.
  • 4+ years of hands-on technical experience such as in application development or security
  • 5 years of professional experience with any combination of at least 3 technical disciplines, including the following: cloud security, application security, mobile security, secure development methodologies, software development, and coding.Even better if you have...
    • Bachelor's degree in a relevant field (Computer Science, Software engineering, Security, or others) OR an equivalent combination of education, training, and experience
    • 3 years of experience building or reviewing threat models
    • 4 years of experience with conducting security assessments
    • Knowledge of application security vulnerabilities, secure coding, and countermeasures
    • Written and verbal skills for communicating security concepts and solutions
    • Ability to prioritize between and execute on multiple work streams
    • Experience with application programming and the overall software development life cycle
    • Excellent organizational and interpersonal skillsIf Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.Equal Employment Opportunity We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our page to learn more.
      
      

Keywords: Verizon, Cary , SkillBridge - Product Security Engineer, Engineering , Cary, North Carolina