Senior Digital Forensics and Incident Responder

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

Verizon is looking for an innovative and motivated professional who will be responsible for safeguarding the Verizon multi-cloud environments and on-prem enterprise systems. This individual will take the initiative to respond to and mitigate threats, improve incident response and forensic strategies, and ensure continuous operation of Verizon's cloud environment and global enterprise.

This Digital Forensics and Incident Responder role is a senior level position working in the TMC's fast paced collaborative environment and is required to be adaptable, utilize both strategic and tactical techniques, and think creatively to effectively navigate the evolving threat landscape. This role will partner and work closely with key cross-functional stakeholders to develop and utilize proactive and mitigating measures to prevent, detect and respond to potential threats to Verizon's multi-cloud environments. The position will support the Digital Forensic Incident Response team and actively collaborate with other teams throughout Verizon's Advanced Cyber Defense Threat Management Center organizations.

• Utilizing advanced digital forensic and incident response techniques and tools to detect, analyze, and respond to anomalous activities.

• Driving the technical oversight and guidance required to support cloud environment (i.e. AWS, Azure, GCP) day-to-day operations.

• Operating as a trusted advisor on advanced threat analysis for team and stakeholders.

• Leveraging security tools and logs in order to complete a detailed and accurate assessment of security alerts and threats affecting the Verizon enterprise and cloud infrastructure.

• Developing security controls for multiple cloud platforms via automated capabilities by using advanced analysis and forensic techniques.

• Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices related to cloud security and data privacy.

• Developing and executing specialized incident response procedures to detect, contain, and recover from security incidents targeting AI/ML models, training data, or model-serving infrastructure.

• Providing assistance and analytical evaluations for high-priority and significant security incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-related discussions.

• Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents.

• Identifying gaps in detections and collaborating with teams across Cyber Security to mitigate threats and improving the overall TMC cloud security posture.

• Serving as a subject matter expert on emerging enterprise, cloud and AI/ML-related threats and collaborating with cross-functional teams to establish security best practices.

• Recommending ways to mature and advance the preventive and defensive capabilities of the TMC. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate the use case for alert creation.

• Collaborating with cross-functional teams to design and implement cloud governance guidelines, safeguarding sensitive data, and ensuring adherence to industry standards and regulatory requirements.

• Enhancing techniques, workflows and processes of cloud security controls, compliance assessments, and incident response procedures to drive the TMC operational and strategic growth (continuous improvement).

• Assisting with producing executive-level operational read-outs, metrics, and case reviews for management that accurately capture the effectiveness of TMC.

• Mentoring and coaching TMC analysts to build and maintain skills and techniques needed to produce quality and consistency analysis.

What we're looking for:

• Bachelor's degree or six or more years of work experience

• Six or more years of relevant experience required, demonstrated through work experience and/or military experience with a focus on DFIR and cloud security analysis and incident response (AWS, GCP, Azure, OCI).

• Experience working in cybersecurity, with a focus on Digital Forensics, Incident Response, Threat Hunting and/or Cloud Security (AWS, GCP, Azure, OCI).

• Ability to pass and/or obtain all necessary security clearances.

• Strong understanding of cloud security frameworks and best practices.

• Proficient in cloud computing concepts, including IaaS, PaaS, SaaS.

• Comprehensive knowledge with programming or scripting languages relevant to cloud security automation and orchestration.

• Fundamental understanding of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain.

• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them.

• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.

• Python and/or Powershell experience to enhance automations, ad-hoc forensic analysis, and speed-up response times.

• Previous experience with log aggregation platforms such as Splunk, Elastic, Snowflake, LogRhythm, Google SecOps, etc.

• Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and MacOS.

• Demonstrated leadership and mentoring skills to help advance the overall capabilities of the TMC organization.

• Ability to work in a highly collaborative environment needing strong communication, presentation, and leadership-like skills.

• Exhibits initiative, follow-up and follow through with commitments.

• Advanced degree(s) from an accredited institution of higher education in cybersecurity, security management, information system security, network security and/or digital forensics.

• Certifications like: Network+, Security+, CISSP, EnCE, CFCE, C|EH, C|HFI, GCFA, GCFE, GCIH and/or cloud-specific security certifications (e.g. AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer)

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance, plus other incentives, we've got you covered with our award-winning total rewards package. Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc. Newly hired employees receive up to 15 days of vacation per year, which grows with additional service. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.