- Entry level
- No Education
- Salary to negotiate
What you’ll be doing...
This position will be part of the IT Information Security Office (ISO) supporting the HR or Finance Business Unit. The HR (CAO) or Finance (CFO) Security Risk team will be focused on improving the security risk posture through engagement in IT and business initiatives impacting the HR or Finance, IT network, information assets and business operations. The team will work with IT application leaders, business owners and Third Party business partners to ensure the security requirements are fulfilled and risks are reduced.
This role will provide focused risk analysis support across the HR (CAO) or Finance (CFO) portfolio partners providing process guidance and risk assessment.
Participate as a stakeholder representing Information Security in functional and technical requirements and design sessions via the agile and traditional software development methodologies.
Assign a preliminary risk profile by identifying the information security risk factors based on data classification, design, and functional purpose and use
Specific attention to the following control areas is required: authentication, authorization, access controls (network and user), secure transmission and storage, encryption/key management, segmentation and network zoning, data flows, third party access and connectivity and functional purpose.
Work with architecture teams to understand enterprise solutions and impacts on security controls.
Collaborate and build relationships with IT colleague’s core business partners for continued security education and awareness.
Preform detailed risk assessment and provide risk reduction recommendations and security requirements and guidance to IT and business teams supporting the initiatives.
Provide security requirements during planning sessions, functional and technical requirement sessions, user story creation and grooming, and technical design based on identified risks.
Determine if any compensating controls are necessary due to inability to comply with the primary control requirements. Facilitate and help design compensating controls when needed.
Ensure requirements and design include approved strategic security technologies.
Complete and present to Security management and business sponsors a risk assessment evaluation articulating risk and impact analysis when security controls cannot be met by an initiative to ensure transparency and appropriate level of acceptance.
Broker meetings as needed between project team members and specialized security experts when additional details are required or circumstances are unique or private (under special NDA).
Participate weekly meetings with management and security team peers to provide project updates and risk overviews.
What we’re looking for...
You'll need to have:
Bachelor's degree in Information Systems or related field; or four or more years of work experience.
3+ years of related experience in Information Security, Software Development/Technical Support.
Even Better if you have;
2 - 4+ years IT or related experience.
Experience in an Information Security, Software Development/Technical Support related position.
IT or related experience.
One or more of the following professional certifications: CISA (Certified Information Security Auditor), CISM(Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Controls), GSEC (General Security Essentials Certification), or equivalent, or willingness to obtain within 6 months.
A thorough understanding of all stages of the SDLC process, from coding and code promotion through all levels of testing as well as management of multiple non-production environments.
A solid understanding of networking technologies ad portals.
A base knowledge of databases and operating systems.
Knowledge of data security fundamentals and best practices with prior responsibilities of protecting information assets.
A demonstrated ability to coordinate and lead productive working sessions with resources from multiple application and technology teams across the enterprise.
Ability to effectively communicate with Legal department attorneys and other supporting business groups such as Compliance and Finance.
Excellent written and verbal communication skills. The ability to work effectively with multiple corporate cultures.
Familiarity with IT Governance practices and processes, and solid business acumen.
Prior experience producing reference documentation for technical or business reference.
About the company
For more than 100 years, Verizon has been at the center of the communications revolution.
Verizon is one of the largest communication technology companies in the world.
We help people, businesses and things communicate better.
The digital world promises consumers a better, more connected life, and we’re the ones delivering it. We make it possible for people to stay in touch and businesses to connect with their customers. We’re also bringing technology and hands-on learning opportunities directly to kids who need it most. Our goal is to inspire tomorrow’s creators to use technology to build brighter futures for themselves, their families and the world.