Insider Threat Operations Specialist

When you join Verizon

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.

What you'll be doing...

The Threat Management Center (TMC) is the first line of defense for Verizon's networks and information systems against misuse and attacks. This role is the insider threat program governing authority of the TMC's 24x7x365 monitoring teams who respond to automated and user-reported cyber security incidents that may impact people and information important to Verizon. The TMC plays an integral role in driving forward the security intelligence and capabilities in Cyber Defense. 

This role falls under TMC's Insider Threat Operations (ITO) team. The mission of the ITO team is to protect Verizon by preventing, detecting, and investigating all insider threats by malicious or negligent employees, contractors and vendors with minimal disruption to the line of business.

• Overseeing day-to-day operations for insider threat investigations, specializing in internal fraud and maturing ITO's critical asset program. 

• Completing accurate and complete investigations and ensuring tasks like case follow up, lessons learned, and case studies are conducted and socialized with appropriate stakeholders.

• Reviewing and providing feedback to analysts about case work and escalations. This includes ensuring the case management and alert development life cycles are followed or adjusted when necessary and making sure monitoring is conducted within the designated detection and response times.

• Developing and assisting with implementing global insider threat use cases surrounding data exfiltration, internal fraud, privilege escalations, as well as IT sabotage for desktops, laptops, servers, mobile, virtual and multi-cloud environments.

• Identifying and implementing continuous process improvements for the ITO team to prevent, detect, and respond to insider threats. This individual should think like a threat actor, understands what threat actors target, and exhibits an understanding of frontline systems that may be exploited by insider threats. 

• Coordinating and leading meetings with relevant investigative stakeholders and business partners when necessary.

• Participating in Purple Team, Threat Hunt, and tabletop exercises.

• Presenting executive-level operational read-outs, metrics, and case reviews that accurately capture the effectiveness of ITO. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate the Verizon landscape to senior executives, to include the Chief Information Security Officer.

• Evaluating enterprise-level KPIs and making recommendations to ensure effectiveness, efficiency, and overall customer satisfaction. This includes suggesting key metrics and trends to focus on within the day-to-day operations and recommending changes to support the reduction of time to detect, respond, and remediate key technical security risks.

• Developing and maintaining documentation to ensure repeatable and sustainable processes are followed or adjusted when necessary. 

• Executing long-term and short-term strategic goals and ensuring proper updates are socialized to appropriate stakeholders. 

• Researching industry trends and best practices in order to ensure alerting and case management processes are evolving with the cybersecurity field. 

• Promoting an environment of collaboration and individual accountability when it comes to problem-solving, decision-making, and process improvements. 

What we're looking for...
 

Verizon is looking for an innovative and driven leader who will be responsible for enhancing our existing insider threat defense capabilities and maturing our current processes within Verizon's unique security landscape.

You'll need to have:

• Bachelor's degree or four or more years of work experience.

• Four or more years of relevant work experience.

• Two or more years of experience in Cyber Security working cases involving Fraud and Nation-state threat actors.

• Two or more years of experience working with SIEM technologies (i.e. Splunk).

Even better if you have one or more of the following:

• Experience integrating subject profiling and criminal examination best practices into investigative procedures to supplement technical evidence, specifically with the Fraud space.

• Practical application of designing and implementing control, assurance and data quality metrics.

• Comprehensive understanding of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain.

• Understanding of SOC or similar environment methodology, including threat monitoring, intrusion detection, analysis, threat determination, incident handling, and remediation tracking.

• High-level understanding of Operating Systems: Windows, Unix/Linux, and OSX Operating Systems in support of identifying security incidents. 

• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them, specifically with Nation-state threat actors.

• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.

• Understanding of system development life cycle (waterfall & agile) experience.

• Certifications like: Network+, Security+, CISSP, CISM, CERT's ITPM, GIAC GCTI and/or ACFE's CFE

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

In this hybrid role, you'll have a defined work location that includes work from home and a minimum eight assigned office days per month that will be set by your manager.Scheduled Weekly Hours40Equal Employment Opportunity 

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.