Senior Network Security Defense Engineer

Verizon•Ashburn, NJ

20h•Hybrid

About The Position

The GN&T Network Security team is looking for a highly motivated and experienced Cybersecurity Engineer to join the Network Security Defense team. The Defense teams are responsible for owning the security lifecycle and effectiveness across the Core, Edge, and Access networks, as well as all systems and network functions within GN&T. In this role, you will be critical in advancing our security posture through real-time Threat Monitoring & Detection using SIEM tools like Splunk, leading Incident Response efforts during a breach, and managing the continuous Vulnerability Management lifecycle across networks and applications. The position also requires expertise in defining and implementing robust Security Architecture, including centralized Identity & Access Management, and Multi-Factor Authentication (MFA). A strong candidate will also possess advanced Threat Hunting skills, including Advanced Networking & Protocol Analysis, Endpoint & Memory Forensics, Data Science & Querying, and demonstrable experience in Automation & Scripting to enhance our Cybersecurity tooling.

Requirements

Bachelor’s degree or four or more years of work experience.
Four or more years of relevant experience required, demonstrated through work experience and/or military experience.
Ability to write complex, optimized Splunk SPL (Search Processing Language) searches, including macros, data models, and lookups for efficient threat hunting and investigation.
Knowledge of incident response lifecycles (NIST or SANS) with experience designing, testing, and maintaining automation playbooks using SOAR platforms to automate triage and response actions.
Proficiency in the continuous, rigorous process of reviewing and remediating vulnerabilities based on the Common Vulnerabilities and Exposures (CVE) database and CISA's Known Exploited Vulnerabilities (KEV) catalog.
Experience with risk-based alerting, managing notable events, asset/identity correlation, and defining/tuning correlation searches.
Strong analytical skills and attention to detail with a proven track record of managing and delivering results.

Nice To Haves

Security certifications such as CompTIA Security+, CISSP, CCIP, CISM, CCSP, OSCP (Offensive Security Certified Professional), Ethical Hacking (CEH, OSCP).
Experience with Identity and Access Management (IAM) solutions.
Experience in conflict resolution and negotiation to ensure that design, strategy, and decisions consistently support security requirements.
Ability to build consensus and a common understanding of security objectives, goals, and execution steps.
Experience with network protocols and information security with networking certifications such as PCNSE, CCNP, or CCNA.
Experience with networks, 4G/5G wireless network functions, or Cloud virtualization technologies like OpenStack and Kubernetes.
Experience with utilizing AI large language models for scripting and/or automation.
Experience in Linux systems engineering expertise with a variety of variants.
Experience with encryption for data in transit (e.g., IPsec, or TLS) and at rest.
Effective written, interpersonal, and verbal communication skills.

Responsibilities

Identifying technology gaps to lead in the design, architecture, and implementation of appropriate security solutions.
Creating formal guidelines, policies, and procedures to ensure smooth and error-free operations.
Implementing strategic solutions in a highly scalable environment.
Partnering across the Operations, Engineering, and Planning organizations to ensure secure design patterns are embedded into new deployments and major changes.
Working independently on strategic technical challenges.
Identifying opportunities to mentor junior engineers, guide, and delegate technical documentation/tasks to support the team and broader organization.
Communicating clearly and effectively, articulating complex technical concepts to diverse internal and external audiences.
Leading network security incident response activities, including triage, containment, eradication, and recovery for disruptive threats.
Building and refining incident playbooks and response runbooks to ensure repeatable workflows for high-impact scenarios (ransomware, phishing, insider threat, DDoS, etc.).
Serving as escalation support for security-related investigations, providing expert-level analysis and guidance during active incidents.
Executing root cause analysis and producing clear incident reports outlining timeline, impact, evidence, and remediation recommendations.
Conducting proactive threat hunting across the identity, endpoint, and network telemetry to uncover adversary behavior and reduce dwell time.
Creating and tuning threat detections using SIEM (Security Information and Event Management) to improve alert fidelity and reduce false positives.
Driving continuous improvement of network visibility and telemetry collection to strengthen detection and response capabilities.
Performing regular security control assessments, validating configuration effectiveness, and closing gaps discovered during incidents or hunts.