Job Description

When you join Verizon

You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life. What you’ll be doing…

The Verizon Product Security Team ensures security by design product engineering and architecture for both consumer and business products. As a Principal Security Architect, you will work to conduct security assessments on both Consumer and Business products and solutions. You will help to create, define, and implement security controls and tooling in conjunction with product development teams and product owners. You will manage multiple projects with a degree of impact and complexity that must be carefully controlled to support the internal business unit security requirements.

You will also work in conjunction with security stakeholders in other areas of the business and make decisions and help lead initiatives to ensure timely delivery of security solutions that support business objectives. You will also manage work that involves coordination with multiple organizations and is the focal point within the group.

• Help implement Secure Software Development Lifecycle (SSDLC) practices and use automation where possible

• Work with the product development teams to perform security design/code reviews and vulnerability assessment.

• Provide security guidance to Engineering and Product teams.

• Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology

• Contribute to security policy, standards, and guidelines related to Information Security

• Evaluate and operationalize new technologies for securing the organization

• Create security user stories and security test cases for products that are tailored to the product attributes and technology

• Support and advise product owner and product development teams by ensuring technical and architectural feasibility, readiness and compliance.

What we’re looking for…

You'll need to have:

• Bachelor’s degree or four or more years of work experience.
• Experience in cybersecurity.
• Experience with security requirements analyses, building threat models, performing security design reviews, applying zero trust principles.
• Knowledge of application security vulnerabilities, secure coding, attack surfaces and countermeasures.
• Knowledge of S-SDLC, best practices for secure coding, understanding of OWASP Top 10, CIS Top 20

Even better if you have one or more of the following:

• Understanding of Docker, Kubernetes, container security best practices.
• Experience with Threat Management and Monitoring tools (like CrowdSrike, GuardDuty, Tenable, CloudTrail, Cloudwatch) and container security tools.
• Experience with building security and hardening Cloud Containers, Cloud OS, on-premise/cloud storage, like Cassandra, MongoDB, Data Warehouse and Object-Based storage.
• Hands on experience on security testing like SAST, DAST, SCA and Pen testing
• Understanding of authentication protocols like OID, OAuth2.0, SAML
• Hands-on experience in securing software development projects using iOS/Android platforms
• Familiar with Content Streaming Services Security like DRM, CA (Widevine, Playready, FairPlay)
• Experience with application programming (C/C++/Java/Kotlin/Swift/JavaScript or any other languages) and the overall software development life cycle.
• Written and verbal skills for communicating security concepts and solutions.
• Ability to prioritize between and execute on multiple work streams.
• Excellent organizational and interpersonal skills.
• One of more of the following certifications: CISSP, CISM, SANS, CCSK.

“If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.”

Where you’ll be working

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

Scheduled Weekly Hours

40

Equal Employment Opportunity

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.