Associate Director, Incident Response and Digital Forensics

When you join Verizon

You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

What you’ll be doing...
The Threat Management Center (TMC) is the first line of defense for Verizon's networks and information systems against misuse and attacks. The TMC performs 24x7x365 monitoring and responds to automated and user-reported cyber security incidents that may impact people and information important to Verizon. The TMC plays an integral role in driving forward the security intelligence and capabilities in Cyber Defense.

Verizon is looking for an innovative and driven leader who will be responsible for enhancing our existing threat defense capabilities and maturing our current processes within Verizon's unique security landscape. This role will oversee and work closely with stakeholders to develop and utilize proactive and mitigating measures to detect and respond to potential threats to Verizon’s infrastructure, application, product, and cloud environments. This position is required to be adaptable, utilize both operational and tactical techniques, and think creatively to effectively navigate the evolving threat landscape.

• Acting as the escalation point as needed for security incidents. This includes being responsible for successful cross-functional coordination and execution to mitigate threats across Verizon and 3rd party environments. This may also require needing to perform day-to-day operations.
• Providing daily oversight of TMC’s Incident Management (IM); Digital Forensics and Incident Response (DFIR), & After-Actions Remediation (AAR) functions.
• Coordinating and supporting after action remediation and escalations; ensuring gaps in detections are socialized with cybersecurity stakeholders; this includes identifying dependencies, recommendations, and collaborating to mitigate threats.
• Ensuring incident lessons learned and root cause analysis are completed and outcomes of those findings as well as compliance audits are reviewed to ensure repeatable and sustainable processes are established, followed or adjusted when necessary.
• Recommending ways to mature and advance the preventive and defensive capabilities of the TMC. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate use cases.
• Acting as a point of contact for internal and external audit reviews. This includes producing and presenting artifacts and executive summaries to support the overall mission of the TMC.
• Presenting executive-level read-outs, metrics, and case reviews that accurately capture the effectiveness of TMC. This includes leveraging internal data, threat trends, and incident summaries to clearly communicate the Verizon landscape to senior executives, to include the Chief Information Security Officer.
• Developing and executing strategic goals and ensuring proper updates are socialized to appropriate stakeholders.
• Developing and setting clear goals and team expectations to successfully achieve organizational objectives. This includes defining key metrics and trends in the day-to-day operations and implementing changes to support the reduction of time to detect, respond, and remediate key technical security risks.
• Conducting team performance management activities like conducting reviews, check-ins and disciplinary action, as needed.
• Attracting, retaining, and leading a team of employees by educating, developing and managing them to deliver strong results. This includes developing talent for advancement in roles like incident management, threat hunt, and red team.
• Promoting an environment of collaboration and individual accountability when it comes to problem-solving, decision-making, and process improvements.

This position can be located in other valid Verizon locations.

What we’re looking for...

You’ll need to have:

• Bachelor’s degree or four or more years of work experience.
• Eight or more years of relevant experience required, demonstrated through one or a combination of work and/or military experience, or specialized training.
• Four or more years of people management experience.
• Four or more years of experience in Information Security, Technology or Technical Risk Analysis.
• Four or more years of experience working with various SIEM technologies (i.e. Splunk).
• Ability to pass and/or obtain a security clearance.

Even better if you have one or more of the following:

• Experience managing a security operation center (SOC) and/or Cyber Incident Response teams.
• Comprehensive knowledge utilizing system, cloud, application and network logs.
• Practical application of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) tools to identify threat patterns, enrich investigations, and build automation-supported workflows.
• Fundamental understanding of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martin’s Cyber Kill Chain.
• High-level understanding of Operating Systems: Windows, Unix/Linux, and MacOS operating systems in support of identifying security incidents.
• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and their motivations.
• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Certifications like: Network+, Security+, CISSP, CISM, GSLC, and/or CFE.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Where you’ll be working

Scheduled Weekly Hours

Equal Employment Opportunity

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

Benefits and Compensation

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan, stock incentive programs, up to 8 company paid holidays per year and up to 6 personal days per year, parental leave, adoption assistance and tuition assistance, plus other incentives, we’ve got you covered with our award-winning total rewards package. Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc. Newly hired employees receive up to 15 days of vacation per year, which grows with additional service. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.