Job Description

When you join Verizon

You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.

What you’ll be doing...

This position will be a Technology & People leader position in the Verizon Cyber Security (VCS) department supporting technical information security risk assessments and other complex risk assessments for initiatives that impact the enterprise. The Technical & Major Initiatives Risk Management team will be focused on improving the security risk posture through engagement in GTS and business initiatives impacting information assets, the GTS network, and business operations. This position will manage a team of 6-10 risk analysts who identify information security risks associated with the implementation plans of Technology - and business-sponsored initiatives and provide security consultation, direction and guidance that meet the security policy requirements, security standards and best practices, and government and industry regulations. The leader will work with VGS-T (Verizon Global Services – Technology) application leaders, business owners and 3rd Party business partners to ensure the security requirements are fulfilled and risks are reduced. When risk acceptance is requested the team will work with Security leadership and business stakeholders to gain risk acceptance on information security risk matters. Additionally the team will inform and educate the application, technical and business teams on security policies, risks and threats to the organization.

What we’re looking for...

• Engage in technical business initiatives to identify information security and privacy risk and provide risk reduction solutions that are balanced with meeting business objectives. Serve as a full partner to technology & business teams.
• Provide information security and privacy support to projects in business unit development pipelines; continue to identify less formal processes that institute change in the business.
• Continually work to ensure the Risk Assessment team is involved in the software development lifecycle at optimal points so that project delivery is not negatively impacted.
• Evangelize the need for information security and privacy engagement in projects to reduce corporate risks.
• Risk assessment process involves a detailed review of all aspects of the project and its impact on security, including access controls; identity management; third party access; off shore access; data protections for SPI and CPNI data at rest, in transit, and in display; compliance to privacy policy, information security policies, SPs, PCI requirements, and CPNI requirements; establish logging requirements; establish encryption/truncation/masking requirements.
• Exercise negotiation to lead a project to appropriate information security solutions, audience is various business teams (analysts, managers, ADs, Dirs), IT developers, and IT architects; create strong relationships with project teams. It is critical that security solutions be presented as tools to aid in the achievement of business goals.
• Review all in-process projects in order to triage projects based on risk profile.
• Serve as technical information security and privacy experts to project teams. Support project teams throughout the lifecycle of the project to ensure a secure and timely implementation, includes reviews of RT/BRD, approach documents, and other available project documentation and the creation of test cases as necessary.
• Proactively provide information security and privacy risk reduction solutions via requirements, risk reduction solutions should focus on best practices while balancing the needs of the business. Focus is always on solutions in order to make the business successful.
• In cases where the business will be accepting an unacceptable level of risk, perform information security and privacy risk assessments which quantitatively explains the risk. The document is usually used as an escalation tool to senior executives to inform them of the risk. Document is also used as an education tool to the project teams and executives.
• Lack of attention to detail or oversight of risks could lead to data breaches, regulatory violations, and or breach of contracts all of which could result in significant fines, negative publicity, and excessive costs and disruption associated with immediate remediation.

You’ll need to have:

• Bachelor’s degree or four or more years of work experience.

• Ten or more years of relevant work experience.
• Experience in IT and cyber/information security.
• Security certification such as CRISC & CISSP or willingness to obtain within 9 months of start date.
• Technical knowledge of information security fundamentals, best practices and industry standards.
• Strong knowledge and Experience in any Risk Management Framework & Risk quantification.

Even better if you have one or more of the following:

• Experience in Cloud and AI Risk Management
• Proven track record of managing a team and driving consistent, quality results.
• Ability to lead a team of technical security professionals and effectively engage with IT and Business partners.
• Knowledge of information security fundamentals, best practices and industry standards with prior responsibilities of protecting information assets.
• A demonstrated ability to coordinate and lead productive working sessions with resources from multiple application and technology teams across the enterprise.
• Ability to effectively communicate with Legal department attorneys and other supporting business groups such as Compliance, Sourcing and Finance.
• Excellent written and verbal communication skills.
• A solid understanding of Verizon business operations and a baseline knowledge of core business applications and foundational technologies across the IT network.
• Familiarity with IT Governance practices and processes, and solid business acumen.
• Experience preparing and providing executive level statuses and presentations using G-Suite applications.
• Prior experience producing reference documentation for technical or business reference.
• Excellent documentation and organizational skills.
• A demonstrated understanding of information security risk management concepts, security frameworks, and secure coding principles.
• An understanding of the SDLC processes, both agile and traditional.
• A solid understanding of networking technologies and protocols.
• Knowledge of application architecture standards with prior experience in a technical design or architecture role.
• Knowledge of databases and operating system concepts.

As this role is global in nature and performed from India, the leader is expected to work with matrix organization and ensure to align well with global objective and deliver with the local workforce.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Where you’ll be working

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

Scheduled Weekly Hours

40

Equal Employment Opportunity

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.