What you’ll be doing...
Mobile first design transformation team is hiring a passionate and proven expert who can advise, guide and conceptualize the next generation of security practices for our mobile and web products. As a Senior Security Professional, this position will help the development team identify the next evolution of security practices, latest industry trends/best practices in implementing application security program. The applications must meet stringent security standards while enabling rapid innovation to meet customers’ ever changing needs.
- Integrating security tools, standards, and processes into the product life cycle (PLC).
- Ensuring that developers and QA personnel are trained with the appropriate level of security knowledge to perform their daily activities.
- Improving and supporting application security tool deployments including static analysis and runtime testing tools.
- Improving and maintaining secure development standards.
- Supporting the incident response and architecture review processes whenever application security expertise is needed.
- Managing penetration testing services, including both expert consulting and managed services.
- Providing manual penetration testing and standards gap analysis services to internal business and technology partners.
- Managing application framework and perimeter security improvement projects.
- Supporting Vendor Security activities to ensure 3rd‐party software and development meets Verizon security standards.
- Integrating threat modeling practices into the product life cycle.
- Providing security requirements for test‐driven design.
- Producing metrics reporting the state of application security programs and performance of development teams against requirements.
What we’re looking for...
You'll need to have:
- Bachelor’s degree or four or more years of work experience.
- Six or more years of relevant work experience.
- Experience in application security.
Even better if you have:
- Experience as a security evangelists who can translate security concepts into language that is meaningful to many audiences, including business and technical leaders and individual contributors.
- Ability to approach application security from the perspective of risk management.
- Demonstrable ability to influence decision‐making processes at all levels of a large organization.
- Strong leadership skills and be effective managers of highly technical individuals.
- Excellent verbal and written communication skills, including experience speaking in public forums and writing/contributing to technical publications.
- Familiarity with waterfall and agile development processes and experience integrating secure development practices into both models.
- Familiarity with a variety of development and testing tools, including:
- Eclipse, GIT, GCC, JIRA, Subversion, Maven, ClearQuest/Case, Silk,
- FindBugs, HP/Fortify SCA, IBM AppScan, and HP WebInspect
- Ability to explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 to any audience, and discuss effective defensive tech.
When you join Verizon...
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer- and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
A little about us:
Verizon is one of the largest communication technology companies in the world.