Senior Network Security Engineer

Verizon•Southlake, TX

20h•Hybrid

About The Position

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What you’ll be doing... At Verizon, the Global Networks & Technology Network Security team is looking for a highly motivated and experienced Senior Engineer to join the Security Defense organization. The Defense teams are responsible for safeguarding critical routing infrastructure and data center fabrics that power 5G services including spine-leaf fabrics, firewalls, and load balancers. You will be expected to build a deep understanding of the asset function and roadmap enhancements, develop intelligent threat detections and safeguards through proactive monitoring, and improve the overall security hygiene by implementing the Network Security Fundamentals (Access Management, Situational Awareness, Configuration Hardening, Vulnerability Mitigation). We need an expert who speaks the language of Cisco IOS XE/XR/NX-OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS and who can translate high-level security frameworks into concrete, low-level device configurations.

Requirements

Bachelor’s degree or four or more years of relevant work experience demonstrated in data networking and telecommunications, including expert knowledge of TCP/IP (IPv4 & IPv6), VXLAN, SR, EVPN, OSPF, and BGP.
Demonstrated experience in Carrier/Service Provider Network Engineering or Security with hands-on proficiency with Cisco IOS XE/XR/NX-OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS.
Proven experience securing Spine-Leaf architecture and data center fabrics with strong knowledge of BGP security (RPKI, prefix-lists, TTL security) and IGP security (OSPF/IS-IS authentication).
Framework fluency in CIS Benchmarks applying Level 1 & Level 2 hardening profiles.
Proven track record of managing and delivering results.
MITRE ATT&CK: Ability to explain how specific network controls mitigate specific TTPs (Tactics, Techniques, and Procedures) in the Network Devices matrix.
Strong leadership and mentoring abilities.
Ability to work with diverse stakeholders including highly technical teams, business owners, and executives.
Effective written, interpersonal, and verbal communication skills.

Nice To Haves

Cisco: CCIE (Service Provider or Security)
Nokia: NRS II (Nokia Routing Specialist) or SRA (Service Routing Architect).
Juniper: JNCIE (Service Provider or Security)
F5: Certified Technology Specialist (BIG-IP)l or Solution Expert
CISSP

Responsibilities

Providing recommendations to improve defensive cyberspace operations - internal defensive measures (DCO-IDM) and the cyber resiliency of the portfolio’s systems and services.
Collaborating with stakeholders to improve the core networking security posture through the assessment and implementation of the Network Security Fundamentals (Access Management, Situational Awareness, Configuration Hardening, Vulnerability Mitigation).
Providing recommendations to improve defensive cybersecurity practices.
Discovering, identifying, and confirming inventory of all network assets and asset information (model, version, etc) in your respective area of responsibility.
Building a deep understanding of the network assets and the roadmap to quickly assess the impact of vulnerabilities and identify End-of-Life/End-of-Support hardware/software.
Developing a baseline of normal operations and implement intelligent threat detections to alert on deviations to proactively identify potential cyber threats.
Performing log analysis and develop incident response protocols to quickly identify, contain, and resolve network security incidents and threats.
Architecting security hardening and implementation of CIS Benchmarks for Cisco IOS XE/XR/NX-OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS to enforce "Gold Standard" configurations.
Designing and auditing of ACLs to drive segmentation strategy across network infrastructure.
Creating and using automation tools (Ansible, Spunk) and programmatic methods to build life cycle management workflows, perform configuration compliance, and implement threat modeling / detection.
Driving adversary emulation by mapping core network defenses directly to the MITRE ATT&CK for Network Devices matrix.

Benefits

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance.
We also offer a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance, plus other incentives, we’ve got you covered with our award-winning total rewards package.
Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc.
Newly hired employees receive up to 15 days of vacation per year, which grows with additional service.
For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume