What you’ll be doing...
Verizon’s CERT service provides a designated CERT manager, full time or as a shared resource, who serves as the contact and communications point between Verizon’s security services team and Customer’s security and IT staff, as well as users and other important stakeholders. The CERT manager is also responsible for operating the incident management process in accordance with the procedures designed in cooperation with Customer.
The Senior CERT Manager is an expert in the field of security incident response. Successful candidates typically have 5-7 years of information security experience with a strong focus on Incident Response, as well as technical certifications to reinforce their practical experience. The Senior CERT Manager has strong coordination, communication and collaboration skills as well as a good technical and architectural understanding.
What we’re looking for...
On a day-to-day basis, the CERT Manager will help identify and respond to incidents, and proactively propose improvements to reduce risk and potential future incidents.
- Receive and monitor incident information from Verizon managed security services and other sources.
- Support Customer Application and Infrastructure development teams initiating on-demand vulnerability scans on Applications, databases, and Servers during development activities occurring within the Application development or Project Lifecycle and to ensure Service Level performance.
- Support and maintain vulnerability scanning Systems such as Rapid7 and Nessus.
- Scan externally reachable IP addresses using Service Provider hosted and managed vulnerability scanners on the Internet.
- Scan for indicators of vulnerability, missing patches and misconfigurations including web Applications, virtual Applications and Infrastructure components, databases, mobile devices, cloud based solutions and Customer’s code based solutions.
- Review the collected incident data and confirm or reject incidents based on the analysis.
- Classify and prioritize incidents based on established criteria.
- Facilitate communication between stakeholders on the status of the incident.
- Coordinate the containment effort based on the available information and established processes.
- Make containment decisions and facilitate decision making by other parties using the established escalation process.
- Communicate with the affected users and stakeholders to organize the containment effort.
- Verify the effectiveness of containment actions taken.
- Identify the attack vector used in the incident and take actions to confirm that similar incidents are prevented in the future.
- Validate the effectiveness of the eradication actions.
- Coordinate forensics and law enforcement activities with officials if necessary.
- Coordinate the recovery actions.
- Confirm that the recovery effort was successful.
- Confirm that all temporary containment efforts have been removed.
- Update stakeholders on the status of the recovery effort.
- Conduct a root cause analysis for the incident.
- Communicate the results of the root cause analysis to Customer and stakeholders to prevent similar incidents in the future.
- Analyze the incident response effort, with feedback from Customer and third parties. Identify and analyze any mistakes as well as good decisions made during the response process.
- Use the results of the analysis as an input for improvements, such as incident response process changes or changes in security monitoring.
You’ll need to have:
- Bachelor’s degree or four or more years of work experience
- Four or more years of relevant work experience
Even better if you have:
- Bachelor’s degree in Computer Science or related field.
- Five or more years of experience in a dedicated security position.
- Strong communication skills and ability to engage with customers at both technical and executive levels.
- Clear and concise writing skills, including the ability to produce professional-level documentation.
- Strong problem-solving and security analytics skills; able to identify gaps in processes and recommend improvements for mitigation.
- Strong leadership skills and a proactive approach to customer issues.
- Ability to excel in high pressure environments.
- SANS or other Security certifications, such as GCIA, GCIH, GREM, GPEN, CEH.
- CISSP Certification.
- CISM Certification.
- ITIL Foundations training / certification.
- Significant experience with how to structure and operate an efficient Incident Response process.
- Knowledge of common types of malware, their infection vectors, how to identify them using network and host based tools, how to eradicate them and how to verify the success of eradication efforts.
- Knowledge of current security threats and vulnerabilities and how to detect and mitigate them, and the ability to understand their possible consequences on the customer’s environment.
- Understanding of modern technologies used to detect malware and vulnerabilities and protect assets.
- Understanding of modern network and cloud technologies.
When you join Verizon...
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
A little about us:
Verizon is one of the largest communication technology companies in the world.