Threat Hunter

When you join Verizon

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.

 What you'll be doing...

The Threat Management Center (TMC) serves as the initial point of defense for Verizon's networks and information systems, safeguarding them against internal misconduct and cyber-attacks. The TMC Advanced Cyber Defense (TMC-ACD) team is tasked with responding to, investigating, hunting and managing all incidents. Collectively, the teams strive to protect Verizon's brand reputation and revenue streams through proactive identification, response, and mitigation of potential threats that could adversely affect Verizon or its business partners. This threat hunter role will work in the TMC's fast paced collaborative environment and is required to be adaptable, utilize both strategic and tactical techniques, and think creatively to effectively navigate the evolving threat landscape. This individual will take the initiative to identify and neutralize threats through proactive hunting and detection, improve incident response and mitigation strategies, and ensure continuous operations to safeguard Verizon from current and future cyber threats. The position will support threat hunting, digital forensics, and incident responder duties. 

Responsibilities:

• Performing day-to-day operations as a trusted advisor on advanced threat hunt for team

• Leading "hunt missions" using threat intelligence, data from multiple sources and results of brainstorming sessions to discover evidence of threats, insider misconduct, or anomalous behavior

• Utilizing advanced threat hunting techniques and tools to detect, analyze, and respond to anomalous activities. This includes Identifying threat actor groups and characterizing suspicious behaviors as well as being able to identify traits, C2, and develop network and host-based IOCs or IOAs.

• Finding evidence of threats or suspicious behavior, and leveraging data to improve controls and processes; this will require a blend of investigative, analytical, security, and technical skills to be successful. 

• Evaluating and making recommendations on security tools and technologies needed to analyze potential threats to determine impact, scope, and recovery. 

• Ensuring gaps in detections are socialized with Cyber Security stakeholders; this includes identifying dependencies, recommendations, and collaborating to mitigate threats. 

• Reviewing outcomes of incident lessons learned, root cause analysis, and on-demand compliance audits to ensure repeatable and sustainable processes are established, followed or adjusted when necessary.

• Acting as subject matter expert in internal and external audit reviews. This includes producing and presenting artifacts and executive summaries to support the overall mission of the TMC. 

• Participating in Purple Team, Threat Hunt, and tabletop exercises.

• Working closely with key cross-functional stakeholders to develop and utilize proactive and mitigating measures to prevent, detect and respond to potential threats to Verizon on prem and cloud environments. 

• Presenting executive-level operational read-outs, metrics, and case reviews that accurately capture the effectiveness of the threat hunt team. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate the Verizon landscape to senior executives, to include the Chief Information Security Officer.

• Developing and executing long-term and short-term strategic goals and ensuring proper updates are socialized to appropriate stakeholders. 

• Mentoring and advising team members by educating them on advanced techniques to help drive the operational and strategic growth of the organization. 

• Promoting an environment of collaboration and individual accountability when it comes to problem-solving, decision-making, and process improvements.
  This position can be located in other valid Verizon locations.

What we're looking for…

Verizon is looking for an innovative and driven leader who will be responsible for enhancing our existing threat defense capabilities and maturing our current processes within Verizon's unique security landscape

You'll need to have:

• Bachelor's degree or six or more years of work experience

• Four or more years of experience in cybersecurity, with a focus on threat hunting, cloud security (AWS, GCP, Azure, OCI), and incident response

Even better if you have one or more of the following:

•  Demonstrated experience as a key member of a security operations team (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS Analysis, etc.)

• Comprehensive knowledge utilizing system, cloud, application and network logs.

• High-level understanding of Operating Systems: Windows, Unix/Linux, and OSX Operating Systems in support of identifying security incidents. 

• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them.

• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.

• Fundamental understanding of tactics, technologies, and procedures related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT or Insider Threat

• Knowledgeable with Regular Expressions, YARA and SIGMA rules, AQL and KQL type and at least one common scripting language (PERL, Python, PowerShell) 

• Knowledge on query structures like Strong understanding of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain.

• Certifications like: Network+, Security+, CISSP, CISM, GCIH, GCFA, GCFE, GREM and/or or cloud-specific certifications (ex: AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer) 

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

In this hybrid role, you'll have a defined work location that includes work from home and a minimum eight assigned office days per month that will be set by your manager.Scheduled Weekly Hours40Equal Employment Opportunity 

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.