* Develop and implement algorithms to address the new threats and produce actionable intelligence.
* Work with system administrators to validate logging and alerting configuration.
* Develop data-driven risk criteria for prioritization of host-based security events.
* Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, insider threats.
* Analysis of security incidents for further enhancement of alerting schema.
* Identification of and correlation with other data sources to enhance security event detection, monitoring and response capabilities.
* Provide network forensic and analytic support of large-scale and complex security incidents such as targeted attacks and network/system infiltration.
* In-depth forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from network anomaly and signature-based detection systems.
* Create and maintain informative technical and procedural documentation for various teams/stakeholders in order for others to effectively understand and use the data product/tools.
* Provide analytics support through audio-visual presentations/demonstrations as well as frequent interaction with customer and peer teams to gauge effectiveness of the data analytics program.
* Work closely with a team of security/network SMEs and incident managers/analysts to understand current environment and problems to solve.
* Assist with supporting a large-scale Suricata IDS deployment.
What we're looking for...
You'll need to have:
* Bachelor's degree or four or more years of work experience.
* Six or more years of relevant work experience.
* Three years' experience working with Security analytics, big data analysis or threat intelligence.
* Willingness to travel.
Even better if you have:
* A degree, preferably in Computer Science, Mathematics or other sciences.
* Experience creating SIEM correlation logic, performing data analysis, managing data intake, and conducting security threat analytics on real-time and historical log data.
* Experience securing large enterprise environments.
* Five years of progressive experience providing network threat monitoring and analysis.
* Knowledge of regular expressions and at least one common scripting language (PERL, Python, VB Script).
* Knowledge of the Splunk search language, search techniques, alerts, dashboards and report building.
* Knowledge of network protocols and various operating systems such as Windows and Unix.
* Seven or more years of experience in the IT industry.
* Network troubleshooting, root cause analysis, host and network-based forensic experience.
* Two or more years of experience in Web and application development.
* Security certifications: CISSP, CISM or GIAC.
* Splunk certifications: Power User, Admin, Architect.
When you join Verizon...
You'll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America's fastest and most reliable network, we're leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we're about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.
Verizon Communications (formerly Bell Atlantic) is a company providing communications, information, and entertainment products and services.