Principal Engineer Network Security

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

The Verizon Network Security team is looking for a highly motivated and experienced Principal Engineer to join the Net-Sec Defense Organization under the Broadband Access team. You will be responsible for owning the Network security posture, Security Lifecycle and protection against threats across the Broadband access network that includes, but is not limited to Edge Routers, Broadband Access routers and switches, CPE equipment and RAN transport infrastructure.

The candidate will be required to understand complex network architectures utilizing various protocols, topologies, and vendor hardware . This role involves hands-on work and demonstrating subject matter expertise with Routers, switches, and other networking gear, as well as Security Information and Event Management (SIEM) tools, particularly Splunk and ISE. The engineer would be required to leverage automation platforms to develop scripts and tools to enhance security operations and play a key role in monitoring, analyzing, and leading response to network security incidents while implementing proactive measures to safeguard critical assets. You will be responsible for continuously monitoring and proactively detecting threats to safeguard network functions and assets, with a focus on leveraging automation and AI. This includes accountability for the network security scorecard for each network element type. Additionally, you will collaborate with internal organizations and vendors to improve security posture by implementing Network Security Policies across diverse network elements.

• Planning, designing, and leading execution of Network Security policies across all owned assets.

• Utilize existing expertise of routing, switching and network architecture to build a deep understanding of the network assets under your span of control and the product and feature roadmap.

• Quickly assess the impact of vulnerabilities and identify End-of-Life/End-of-Support hardware/software to create and lead a remediation plan.

• Discovering, identifying, and inventorying all network assets and asset information (model, version, etc) in your respective area of responsibility.

• Drive continuous improvement of network visibility and telemetry collection to strengthen detection and response capabilities.

• Lead the development of baseline operations for the team and implement threat detections, automated alerts to proactively identify potential cyber threats, leveraging SIEM tools such as Splunk.

• Lead the development of incident response protocols to quickly identify, contain, and resolve network security incidents and threats.

• Execute root cause analysis for incidents, perform regular security control assessments, and lead strategic security solution implementation in a highly scalable environment.

• Ensuring that the security controls planned for the Networks are operating effectively by performing audits. Leverage network automation and scripting to make the process efficient.

• Lead the development and upkeep of network automation systems for ongoing security monitoring and early identification of security incidents.

• Offer technical guidance and expert feedback on the Vendor Plan of Record (POR), selection of security/monitoring tools, and vendor engagements.

• Develop essential technical documentation, including playbooks, Confluence pages, Network diagrams, and Method of Procedures (MOPs).

• Prepare and deliver quarterly presentations to leadership detailing project status and updates.

• Mentor Team members as well as Organizational partners and act as the overall SME.

• Building healthy relationships across the Operations, Engineering, and Planning organizations to better understand the current and future landscape of the network.

Where you'll be working...

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days in one of the offices listed for this position. In order to be eligible to apply for this position, you must be within commuting distance of one of those locations.

You'll need to have:

• Bachelor's degree or four or more years of relevant work experience.

• Six or more years of relevant work experience, demonstrated through one or a combination of work and/or military experience, or specialized training.

• Demonstrated leadership skills as a project and/or team lead for cross-functional project teams and vendor management.

• Expert understanding of Spine, Leaf, SDN, OTNGN, and Hub & Spoke network architectures.

• Expert-level understanding of routing and switching security, including BGP and IGP security, is mandatory, e.g., BGP hijacking, Route injection, and managing complex ACLs.

• Hands-on experience with internet-scale data sets such as Netflow, BGP, DNS, and IDS logs.

• Fluency in security frameworks, particularly the application of CIS Benchmarks (Level 1 & 2 hardening) and mitigating MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) on network devices, along with a solid understanding of network security fundamentals.

• Expertise in using Python, API, Ansible, or Terraform-type tools to automate and develop custom security "health checks" on network devices.

• Ability to assess and understand complex transport and 5G-SA network architectures.

• Understanding of network security fundamental policies and principles.

• Experience with utilizing SIEM tools like Splunk for performing analysis.

Even better if you have one or more of the following:

• Network Security certifications such as CISSP or other ISC2 certifications.

• Routing and Switching certifications like CCNP, CCIE, or equivalent vendor certs.

• Experience with Splunk performing data analysis, Dashboard creation, alerting, and automation.

• Familiarity with Identity and Access Management (IAM) solutions and SIEM tools.

• Demonstrated organization and project management skills.

• Knowledge of technical products and systems development lifecycle within a large global enterprise environment.

• Effective written, interpersonal, and verbal communication skills.

• Ability to work with diverse stakeholder,s including highly technical teams, business owners, and executives.

• Strong leadership and mentoring abilities, with experience guiding and developing teams.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance, plus other incentives, we've got you covered with our award-winning total rewards package. Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc. Newly hired employees receive up to 15 days of vacation per year, which grows with additional service. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.