[Close] 

Cloud Security Remediation Engineer

What you ll be doing...

As our Cloud Security Remediation Developer, you will be responsible for closely monitoring security advancements in the OpenStack development community and ensuring that any enhancements to cloud security, industry recognized security frameworks and security best practices are applied to our deployments as applicable. You will also be responsible for creating auditing and reporting mechanisms that will fit into the existing VCP monitoring and alarming regimens so that the team can track remediation efforts and compliance over time, and take corrective action when systems fall out of compliance

Verizon is looking for out-of-the-box thinkers to help us build and manage the Verizon Cloud Platform (VCP). People who are hard-working and really want to help transform the way we do operations. What we do really matters to the business. This is a great opportunity for you to bring your technical leadership, skills and experience to life as part of a small team within a large organization. We operate with a lean startup mentality with the support of a large directional division. You will have the experience and expertise of the best network team in the world behind you as you help the team transform infrastructure, workload, and product through content delivery, mobility, and Verizon's enabling of the Internet of Things.

Verizon Cloud Platform & Infrastructure Security:

  • OS, Stack, and node level firewall management/hardening, threat identification/remediation, configuration management, file system and data integrity monitoring, penetration testing, and regulatory compliance

Platform Auditing and Compliance:

  • Through the use of several industry accepted security frameworks, routinely audit the VCP infrastructure, measuring compliance with these standards and develop code to remediate any findings that fall outside of acceptable boundaries

Reporting and Automation:

  • Development of tooling and processes to ensure that security remediation solutions are deployed uniformly across all VCP locations around the globe and track audit results and compliance down to the node level.

Cloud Application Security:

  • Identification of tenant validation requirements, discovery/verification of critical vulnerabilities for tenants, creation and management of tenant vulnerability reports and KPIs, regulatory compliance

Legal & Compliance:

  • Ensure supplier provided software and services meet requirements for Verizon regulatory environment

What we re looking for...

You ll need to have:

  • Bachelor s degree or four or more years of work experience.
  • Six or more years of relevant work experience.

Even better if you have:

  • A degree.
  • Demonstrated strong communication skills (written, verbal, presentation).
  • Experience with Linux systems administration (preferably in Virtualized environment).
  • Strong security background with a focus in OS level system hardening techniques and compliance with industry approved frameworks (NIST, STIG, CIS, PCI-DSS, FISMA).
  • Experience working with common pen test tools such as Nmap, Nessus, OpenVAS, Wireshark, Metasploit, etc.
  • Strong scripting skills (e. g. Python, Bash/Shell, Ruby, Perl, other).
  • Experience working with APIs (preferably including OpenStack APIs).
  • Experience working modern configuration management tools (Puppet, Ansible, Chef).
  • Experience working with KVM, libvirt, VMWare, or other virtualization technology.
  • Knowledge of IP networking, VPN's, DNS, load balancing, firewalls, SSL termination devices.
  • Experience working with solutions at scale.
  • Ability to enhance team learning environment by providing and encouraging mentorship and technical leadership.
  • Experience building and troubleshooting OpenStack.
  • Experience with Openstack Deployment technologies (tripleo, MAAS).
  • Experience with Continuous Integration / Continuous Deployment (CI/CD).
  • Knowledge of GitHub and managing and maintaining repositories for collaborative work efforts.
  • CISSP, CEH or other similar security certifications.
  • Firm understanding of the concepts behind Software Defined Networking (SDN) and Network Function Virtualization (NFV).
  • Contributions to open-source projects.



Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.