What you’ll be doing...
The Verizon Security Management & Cyber Risk Program Application Security Consultant is a highly experienced & primary resource assigned to each SMP/CRP client to provide the services (activities, tasks, reports, recommendations & guidance) in accordance with the Verizon Security Management Program (SMP) and/or Cyber Risk Program (CRP) service, Application Security descriptions, regardless of the level of service purchased.
In this role, you’ll be responsible for:
-
Daily project coordination of assigned accounts to maintain a 95% on-time activity execution rate
-
Generate, analyze and publish client data and write corresponding “report of findings”
-
Design and produce customized reports on an as needed basis
-
Hand test validation of discovered web application vulnerabilities
-
Conduct research and address client questions and concerns within a timely fashion
-
Coordinate and lead reoccurring status calls with each of your assigned accounts
-
Track client program progress and communicate progress to Project Manager
-
Assist clients with security related mitigation strategies and by providing alternative recommendation and guidance
-
Publish white papers, research of new web application techniques
-
Assist other Consultant with technical questions and/or solutions, produce & provide training & materials on AppCert & Application Security
-
Serve as an escalation point for the team for application related issues
Additional responsibilities:
-
Continuous monitoring of the Information Security environment and developing skillset
-
Submit travel requests and expense reports
-
Provide additional support to the team through innovative thought leadership to include solutions and business development.
-
Attend and present at industry conferences and seminars
-
Assist with internal team training as needed
-
Mentor and provide guidance & training Cyber Risk Program Consultants (Level 1)
-
Participate in and/or lead internal projects and deliverables as assigned/designated by management
-
Adhere to all Verizon corporate, division, department and team policies & procedures
What we’re looking for...
You’ll need to have:
-
Bachelor’s degree or four or more years of work experience.
-
Four or more years of experience in the Network/Cyber/Information Security field with a minimum of one year specializing in Application Security or relevant work experience.
-
CISSP Certification (REQUIRED – active & maintained), plus any other industry recognized certification to bolster the knowledge of information security, particularly focused on Application Security.
-
Knowledge of OWASP top ten
-
Knowledge of WSAC, CWE or other security testing frameworks
-
Knowledge of web based vulnerabilities (e.g. SQL injection, cross-site scripting, etc.)
-
Experience with Application Security tools such as Burp suite, HP Web Inspect, Netsparker, etc.
-
Knowledge of TCP/IP and related concepts, solid understanding of Governance, Risk and Compliance and a solid understanding of at least one programming language
-
Willingness to travel
Even better if you have:
-
A degree
-
GWAPT, OSCP, OSWE, WAPT preferred
-
C|EH, ISACA CISA, CSRISC, CISM or SANS GIAC Certification preferred as well.
-
Experience with Fortune 500 organizations
-
Verticals: Financial, Healthcare, Insurance, Technology, Consumer, Banking, State and Federal Government
-
Experience with web application security assessment tools
-
Industry certifications (such as, HISP, GSEC, CISM, CISA, CRISC, E|CEH, E|CIH, GIAC Family of Certifications)
-
Vendor Certifications such as Qualys, Cisco, Juniper, Palo Alto, SourceFire, etc.
-
ISO-17799:2005, ISO-27001, ISO-27002, PCI-DSS, and NIST experience
-
Ability to write technical reports and interpret results
-
Knowledge of scripting and macros.
-
Ability to excel in a fast-paced environment and work under pressure and meet contractual SLA deadlines
-
Ability to voluntarily collaborate and support solution and business development
-
Good presentation delivery skills to all levels of an organization, engineer/Consultant to “C” Level
#ProfessionalServices; 22CyberVES;22CyberAPP; 22CyberRISK
When you join Verizon...
You’ll have the power to go beyond – doing the work that’s transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you’ll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we’ll go far.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.