Senior Network Security Engineer, MFA

Verizon•Southlake, TX

25d•$101,000 - $194,000•Hybrid

About The Position

The GN&T Network Security team has an opening for Engineer IV’s in the Network Access team. This role will center around delivery and operations of the Multi Factor Authentication (MFA) services. This position is part of the FIDO/MFA team. This team is responsible for operationalizing a Global Network & Technology (GN&T) wide strategy to facilitate the use of FIDO/MFA services. This team is responsible for the entire life cycle of MFA solutions from developing Architecture to Operational support of the MFA services. MFA is provided as a service(s) to other network teams, providing them centralized mechanisms to help implement MFA and adhere to the Network Security Fundamentals (Access Management, Situational Awareness, Configuration Hardening, Vulnerability Mitigation) at scale. A successful candidate will possess both strong inter-personal and technical skills. They will be expected to work within and across team barriers to take these functions from concepts to design and ultimately to production implementation.

Requirements

Bachelor’s degree or four or more years of work experience.
Four or more years of relevant experience required, demonstrated through work experience and/or military experience
IAM Expertise – Deep knowledge and understanding of Identity protocols like LDAP, SAML, FIDO, OAuth, and OpenID Connect.
Working experience with products like DUO, Okta.
Automation & Scripting – Proficiency in developing automation tools using languages like python, powershell, etc.
Directory Services – Practical experience of LDAP directory server implementations.
Cloud & Containers – Good understanding of containers and cloud based services.
Operations – Experience with application delivery, support, incident management, log management, and problem management areas.
Familiarity with Identity and Access Management solutions.
Knowledge of Splunk.
Ability to write splunk search language models, data models, and lookups for thread hunting.
Experience in developing, testing, and maintaining automation playbooks using python/API integrations and Strong knowledge of incident response lifecycles.
Experience building relationships across business units.

Nice To Haves

Strong networking and cybersecurity knowledge and experience.
Knowledge of Jumphost servers and their operational use
Knowledge of applications like Hashicrop vault to store credentials and secrets.
Experience in developing Splunk SOAR to automate triage and response actions.
Hands on experience in managing Identities in containers and cloud native services.
Directory Services optimization to support millions of identity attributes and high frequency authentication requests.
Expert knowledge of LDAP, SAML, OAuth 2.0, and OIDC.
Hands on experience with IAM in Kubernetes, ansible for automatic security patching for identity servers.
Established track record in managing complex processes, driving results, and adapting to change.
Demonstrated success leading organizations providing cybersecurity engineering.
The ability to communicate effectively across all levels of the organization and educate peers and teams on security concepts and overall importance to the business.
Recent experience with machine learning, statistical analysis, graph theory or artificial intelligence.
Hands-on experience working with internet-scale data sets such as Netflow, BGP, DNS, and IDS logs.
Knowledge of network-based, system-level, and application layer attacks and mitigation methods.

Responsibilities

Assist in interpreting business and functional requirements by collaborating with senior engineers to support technical implementation.
Support subject matter experts by documenting processes and contributing to knowledge-sharing activities within the team.
Follow established procedures and contribute to team coordination by understanding roles and responsibilities across support and engineering functions.
Participate in the implementation and testing of high-availability and redundant network systems under the guidance of senior engineers.
Install, configure, and perform basic Identity services components as part of MFA services.
Develop automation tools necessary for MFA services.
Implementation of Identity lifecycle automated provisioning workflows to ensure secure, and timely access.
Work with cloud based tools in the deployment of the services in cloud infrastructure.
Utilize configuration management tools like Ansible for the delivery and support of MFA services.
Enforce zero-trust principles to adhere to security standards and processes.
Provide first-line operational support, including monitoring alerts, escalating issues, and assisting in 24x7 support efforts as scheduled.