Penetration Testing Lead

When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

The Verizon Cyber Security (VCS) organization enables the business by protecting assets and information across Verizon networks, infrastructure and applications. VCS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.

The Enterprise Penetration Testing Team supports the Verizon Cyber Security (VCS) mission by providing a realistic evaluation of existing security controls and practices. The team enables the Information Security Organizations with information to assist them in driving adoption of required security policies, controls, and standards. The team provides Verizon leadership accurate situational awareness of security adoption that is used to make strategic and tactical security decisions.

You will maintain processes and management services to ensure the ability of Verizon internal consumers to effectively engage the enterprise testing teams to request and receive testing services to support business objectives that support established service level agreements (SLAs) and operating level agreements (OLAs). You will maintain the single front door process to provide a consistent experience for engagement of Verizon internal consumers and consistent, repeatable results consistent with Verizon policy. Also, you will ensure that quality assurance processes are maintained to assess and improve enterprise testing service delivery and to assess delivery of testing services within the broader Verizon enterprise.

You will be responsible for establishing a Penetration Testing Center of Excellence.

• Developing a clear enterprise vision and approach to engaging and delivering penetration testing.
• Establishing and foster partnership and trust between the testing teams and business.
• Integrating process optimization and innovative engineering efforts.
• Developing and promoting best practices as enterprise standards.
• Establishing capabilities to provide technical guidance to support standards adoption and quality control.
• Driving process maturity within the organization by aligning short-term business unit needs with Verizon long-term enterprise goals.
• Leading the enterprise-wide penetration testing capabilities by setting the vision and establishing direction to identify material risks and vulnerabilities based on cutting edge tools, tactics and protocols in use by potential threat actors.
• Building and maintaining relationships with other IT, network, and security leaders to develop a clear understanding of business needs; ensure cost-effective delivery of penetration testing services to meet those needs, and is able to respond with agility to changing business priorities.
• Directing and overseeing the penetration testing center of excellence to develop and promote best practices and standards, innovate and optimize testing capabilities, and drive maturity and transparency across the enterprise security testing landscape.
• Working effectively with business units to facilitate penetration testing assessments to support new system testing, vulnerability remediation, post-incident remediation validation, and proactive identification of threats and vulnerabilities to support operational risk assessment and management processes and efforts.
• Managing the cost-efficient delivery of penetration testing services within an organizational structure potentially consisting of direct reports and dotted line reports. This includes ensuring hiring, training, staff development, performance management, and annual performance reviews are aligned and effectively executed to continue to grow the skills and capabilities in accordance with Verizon’s strategic needs.
• Monitoring the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.

Where you'll be working...

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

What we’re looking for...

You’ll need to have:

• Bachelor’s degree or four or more years of work experience.
• Six or more years of relevant work experience.
• Two or more years of Penetration Testing experience.

Even better if you have one or more of the following:

• Bachelor’s degree in Engineering or Information Technology.
• Master’s degree in a technical field.
• Experience in managing penetration testing engagements.
• Experience in effective penetration testing, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment.
• Ability to be a strategic people leader and proven capability to energize the appropriate teams in the organization; proven leadership in advanced information systems combined with broad business acumen.
• Experience of building, training, and developing a high-performing team; ability to lead and motivate the team to achieve tactical and strategic goals.
• Strong written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
• Ability to be a critical thinker with strong problem-solving skills; strong excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well and thrive in a demanding, dynamic environment and meet overall objectives.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Professional security certifications such as CISSP, GXPN, GPEN, CEH, CISM, CISA, OCSP or other related or willingness to obtain within 12 months of hire.
• Project management skills: financial/budget management, scheduling and resource management.
• Experience with contract and vendor negotiations.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

Salary : $87,800 - $111,000