Senior Threat Detection Architect

Verizon Communications Denver, CO 80208

Posted 1 week ago

What you'll be doing...

The Verizon Detection and Response product portfolio focuses on the cutting edge cyber security technology that's needed to fuel and feed advanced security operations centers. These technologies include Network Detection and Response, User and Entity Behavioral Analytics, Deception Technologies, SIEM, and Endpoint Detection and Response solutions. We are looking for an experienced cyber security professional to take Verizon's threat detection across this portfolio to the next level - come build the cyber security solutions that will defend organizations against tomorrow's threats.

  • Contribute to designing and building the next generation of Network Analysis and Security Operations Center Solutions.

  • Utilize incident response and SOC experience to influence and define threat detection strategy.

  • Develop and implement innovative ways to detect advanced threats.

  • Collaborate with threat content developers to connect detections with the response process.

  • Document and communicate threat detection capabilities and data input requirements.

  • Contribute to design and operation of security analytic warehouse.

  • Maintain industry relationships and translate knowledge into Verizon operational efficiencies or product value.

  • Understand and apply knowledge of threat intelligence life cycle.

  • Collaborate on design and integration of detection technologies.

What we're looking for...

The promise of Big Data is enormous and you are fascinated by the possibilities. You are a visionary but you also know what makes business sense and how to get it done. A successful new product can literally redefine the course of a business and this knowledge inspires you. You motivate others to do their best work. When making decisions, you expertly balance the needs of all parties.

You'll have to have:

  • Bachelor's degree in Computer Science, Computer Engineering, Information Security, Technology Management or four or more years of work experience.

  • Six or more years of relevant work experience.

  • Six or more years of Enterprise Security experience.

  • Five or more years of Security Operations Center or Incident Response experience.

  • Five or more years of Enterprise Network experience.

  • Three or more years of Consulting experience.

  • Understanding of Enterprise Network Architecture and Cloud Network Concepts

  • Six or more years of Threat Content Development experience.

  • Five or more years of Threat Intelligence experience.

  • Willingness to travel.

Even better if you have:

  • Development Experience - Ability to utilize query languages and/or development for utilization of data warehouse.

  • Three or more years of Data Science experience.

  • Three or more years of Full Packet Capture experience.

  • Three or more years of Endpoint Detection and Response experience.

  • Security Operation Center Design or Consulting experience.

  • Cloud Architecture and 5G experience.

  • Management experience.

  • Active Security Clearance.

When you join Verizon...

You'll have the power to go beyond - doing the work that's transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you'll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we'll go far.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.

