What you'll be doing...
As a member of Network Security, the Network Security Operations Center (NSOC) Cyber Security Analyst reviews and analyzes the output from security monitoring and scanning devices and takes or recommends actions for the detection and remediation of system and network compromises.
The Analyst is the front-line member of the NSOC team. The Analyst conducts proactive computer network defense operations based on established procedures. The Analyst ensures compliance with Verizon policies, technical standards, and industry best practices. The Analyst provides recommendations to systems and network administrators and system users to implement corrective actions to mitigate risk.
Perform continuous security event monitoring of the Global Management network and systems.
Work with technical staff members in other groups to resolve security events.
Perform Tier 1 response and investigations using established procedures and escalate issues which cannot be resolved to the Tier 2 Response team.
Work within a Security Information and Event Management (SIEM) to identify anomalies, malware, exploit attempts and other attacks on the Global Management network infrastructure and data.
Provide feedback to improve the accuracy of automated detection rules.
Resolve security event tickets in a timely manner per established guidelines and procedures.
Identify, document, and mitigate threats in today's security landscape.
Support periodic audits and compliance reviews to identify systems and networks which present a risk to Verizon.
Examine data from automated internal and third-party security scans and penetration tests, to confirm or deny the initial reports.
Ensure systems with critical vulnerabilities are properly configured and patched.
Identify instances where automated tools have provided conflicting or incorrect information, and continue research to reveal the true state of the systems and networks.
Support Network Security intra-organizational collaboration to support security operation capabilities and collaboration efforts across functional teams.
Support process improvements by documenting variances in tactical response procedures. Develop and maintain proficiency and accuracy in monitoring, response, and reporting through tactical cyber incident monitoring.
Perform operational reporting, including situational awareness reports and messaging for high-visibility incident alerts and elevated threat conditions across the Global Management network.
Configuration of operating systems to include: security controls, malware remediation, and desktop/server technical support.
Multi-task while working with a sense of urgency to resolve or escalate issues with established guidelines and prioritize work according to risk.
Work in a highly collaborative environment, sharing findings and incorporating feedback from management and peers in order to better understand and respond to threats.
What we're looking for...
You'll need to have:
Even better if you have:
A degree in Information Systems, Information Technology, Computer Science or related area.
Demonstrable knowledge of networking (TCP/IP, topology, and security), operating systems (Windows, Linux, macOS), and web technologies (Internet security).
Experience in the installation/configuration of various operating systems including Windows and Linux, as well as virus remediation and desktop/server technical support.
An enthusiasm for information security and the ability to learn new threats independently.
Knowledge of desktop and server based computing systems such as Windows and Linux.
Working level knowledge of networking principles and advanced troubleshooting techniques.
An analytic mindset. Demonstrated strong communication skills with the ability to engage with system and network administrators, systems users and managers.
Willingness to work a variety of shifts within a 24x7x365 environment.
The ability to thrive in dynamic environments.
Traditional network monitoring experience is preferred with packet/protocol analysis and hands-on system or network administrative experience with major operating systems.
Scripting language skills, Splunk searching and/or regular expression creation experience to support dynamic security event analysis.
Ability to understand and cross-reference system log data, user authentication events, security event logs, syslog, NetFlow data, DHCP logs, DNS logs, web browser and proxy logs, packet captures and firewall events.
Splunk Enterprise Security or similar SIEM experience.
Experience with different host based protections, email gateways and proxy technologies.
Familiarity with forensic analysis and big data concepts.
Security certifications such as: GMON, GCIH, GCFE, GCFA, CEH, GCIA, SSCP, and Network/Security+ or similar.
Statistical data collection and reporting experience.
Project management and formal presentation experience.
When you join Verizon...
You'll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America's fastest and most reliable network, we're leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we're about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.