Paranoids Technical Risk Analyst Verizon Media
Los Angeles, CA

Job Description

It takes powerful technology to connect our brands and partners with an audience of 1 billion. Nearly half of Verizon Media employees are building the code and platforms that help us achieve that. Whether you're looking to write mobile app code, engineer the servers behind our massive ad tech stacks, or develop algorithms to help us process 4 trillion data points a day, what you do here will have a huge impact on our business-and the world. Want in? As Verizon's media unit, our brands like Yahoo, TechCrunch and HuffPost help people stay informed and entertained, communicate and transact, while creating new ways for advertisers and partners to connect. With technologies like XR, AI, machine-learning, and 5G, we're transforming media for tomorrow, too. We're creators and coders, dreamers and doers creating what's next in content, advertising and technology.

When you impact millions of people every single day, you become a large target for adversaries of all types within all layers of the stack. Our job is to keep our users safe and make Verizon Media one of the safest places on the Internet.

We are the information security team at Verizon Media; known as "The Paranoids".

Verizon Media is currently seeking a strong Technical Risk Analyst with a desire to focus on information security to join the Paranoids Risk Management team. This role provides significant growth in knowledge and experience in the areas of information security, vulnerability management, and risk analytics. The Technical Risk Analyst is responsible for ensuring Verizon Media businesses and third parties are appropriately evaluating risks inherent in software development and technology stack. The Technical Risk Analyst will be responsible for engaging with Verizon Media engineers and the Paranoids Red Team to evaluate and balance between security risk and and business impacts. Candidates should be familiar with common application security vulnerabilities as well as a demonstrated understanding of common security and control frameworks.

Responsibilities

* Provide subject matter expertise on application security vulnerabilities and security controls and secure programming practices


* Maintain and enforce information security policies and standards to enable a positive risk posture within Verizon Media


* Incorporate criteria, tools and methodologies for identification and analysis of emerging security threats to Verizon Media, collaborating with security defense


* Identify, qualify, assess, and review security risk evaluation requests from the business, including emerging risks


* Act as a liaison between business and software engineering teams to understand and communicate technical security information to non-technical audiences


* Contribute to other risk management activities such as tracking, driving and validating remediation of security vulnerabilities


* Manage Verizon Media cyber risk register in order to monitor execution of mitigation strategies


* Enable effective reporting of security risks across the company on a weekly, monthly, quarterly, and ad-hoc basis for executive leadership



Required Qualifications

* 4+ years relevant experience in an information security, IT risk management, IT audit or consulting role with progressive experience in security assessments, and security risk management and metrics


* Bachelor's Degree in Computer Science or Management Information Systems preferred


* Ability to engage with teams to review application architecture and recommend secure designs for a fast paced, engineering-drive environment


* Application security experience including knowledge of web security vulnerabilities and countermeasures, including OWASP Top 10


* Knowledge of control frameworks and external compliance regulations/standards such as NIST 800-53, PCI DSS, ISO27001, SSAE 16, COSO, COBIT, etc.


* Proven ability to function well independently and in a team, and be comfortable in a fast-paced, dynamic environment



Desired Qualifications

* 3+ years of relevant cybersecurity experience for a global technology or media company


* Experience in large scale technology implementations


* Relevant cyber certifications (e.g., CISA, CISSP, GSEC, CCNA, CISM)



Verizon Media is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on age, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or any other protected category. Verizon Media is dedicated to providing an accessible environment for all candidates during the application process and for employees during their employment. If you need accessibility assistance and/or a reasonable accommodation due to a disability, please email ApplicantAccommodation@verizonmedia.com or call 408-336-1409. Emails/calls received for non-disability related issues, such as following up on an application, will not receive a response.

Currently work for Verizon Media? Please apply on our internal career site.