M+E Technology Job Board
Paranoids Product Security Engineering
Verizon Media
The Role:
Reporting to the Paranoids Architecture, Engineering and Assurance function, you will identify and execute secure development activities, including: security testing, design review, secure code review, and integration of automation with DevOps processes. You will work with development teams for Verizon Media and begin to lead the evolution of our secure development processes for the overall enterprise.
Responsibilities:
Conduct code review and web application security testing in a variety of technical frameworks and Verizon Media brands.
Begin to create application threat models and provide guidance on effective countermeasures.
Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology.
Develop subject matter expertise in encryption, security controls, risk management, and secure design and programming practices across Verizon Media engineering teams.
Improve and implement security processes, procedures, and guidelines related to Product Security and secure code development.
Help to evaluate and operationalize new technologies for securing the organization.
Train and mentor Security Champions throughout the development
Share thought leadership in the product and application security space
Secure large-scale applications and infrastructure across Verizon Media engineering teams per Verizon Media standards.
Build projects for static analysis, triage results, and communicate findings back to teams.
Deliver day to day findings, remediations, and fixes in a manner that can be understood by multiple audiences.
Work with internal stakeholders to identify product security technology needs, provide guidance, and contribute to the growth and development of the Paranoids.
Evaluate and operationalize new technologies for securing the organization
Provide tier 3 engineering support to remediate critical security bugs
Required Qualifications:
3+ years of hands-on technical experience such as in application development or security
Ability to incrementally review designs, code, and operation at DevOps pace as well as
Ability to deeply review design, code, and operation consistent with classic security analyses
Knowledge of application security vulnerabilities, secure coding, and countermeasures
Experience with application programming and the overall software development life cycle
Ability to prioritize between and execute on multiple work streams
Written and verbal skills for communicating security concepts and solutions
Excellent organizational and interpersonal skills
Communicates effectively with team members, and key stakeholders; contributes to technical meetings.
Bachelor’s degree in CS/EE or related area or equivalent job experience
Preferred Qualifications:
Knowledge of software development lifecycles and methodologies; proficient in how Verizon Media builds software.
Understanding of attacker lifecycles and defender strategies.
Comfortable collaborating with all Paranoids and across Verizon Media.
Experience collecting, analyzing, and presenting security metrics.
One of the following certifications: CISSP, CCSSP, CSSLP, OSCP, GMOB, GWAPT, CISM, CISA.
Verizon Media
The Role:
Reporting to the Paranoids Architecture, Engineering and Assurance function, you will identify and execute secure development activities, including: security testing, design review, secure code review, and integration of automation with DevOps processes. You will work with development teams for Verizon Media and begin to lead the evolution of our secure development processes for the overall enterprise.
Responsibilities:
Conduct code review and web application security testing in a variety of technical frameworks and Verizon Media brands.
Begin to create application threat models and provide guidance on effective countermeasures.
Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology.
Develop subject matter expertise in encryption, security controls, risk management, and secure design and programming practices across Verizon Media engineering teams.
Improve and implement security processes, procedures, and guidelines related to Product Security and secure code development.
Help to evaluate and operationalize new technologies for securing the organization.
Train and mentor Security Champions throughout the development
Share thought leadership in the product and application security space
Secure large-scale applications and infrastructure across Verizon Media engineering teams per Verizon Media standards.
Build projects for static analysis, triage results, and communicate findings back to teams.
Deliver day to day findings, remediations, and fixes in a manner that can be understood by multiple audiences.
Work with internal stakeholders to identify product security technology needs, provide guidance, and contribute to the growth and development of the Paranoids.
Evaluate and operationalize new technologies for securing the organization
Provide tier 3 engineering support to remediate critical security bugs
Required Qualifications:
3+ years of hands-on technical experience such as in application development or security
Ability to incrementally review designs, code, and operation at DevOps pace as well as
Ability to deeply review design, code, and operation consistent with classic security analyses
Knowledge of application security vulnerabilities, secure coding, and countermeasures
Experience with application programming and the overall software development life cycle
Ability to prioritize between and execute on multiple work streams
Written and verbal skills for communicating security concepts and solutions
Excellent organizational and interpersonal skills
Communicates effectively with team members, and key stakeholders; contributes to technical meetings.
Bachelor’s degree in CS/EE or related area or equivalent job experience
Preferred Qualifications:
Knowledge of software development lifecycles and methodologies; proficient in how Verizon Media builds software.
Understanding of attacker lifecycles and defender strategies.
Comfortable collaborating with all Paranoids and across Verizon Media.
Experience collecting, analyzing, and presenting security metrics.
One of the following certifications: CISSP, CCSSP, CSSLP, OSCP, GMOB, GWAPT, CISM, CISA.