Security Services Advisor

Responsibilities

Overview:

The primary goal of the dedicated Security Service Advisor (SSA) is to aggregate security, vulnerability, and threat data, analyze unusual and interesting patterns, and then communicate and explain what the data means to the customers, providing actionable intelligence and recommendations based on the threat data.  Your goal is also to develop and maintain the client relationship, ensuring client satisfaction with the security solutions, operations, quality and assurance Verizon is providing to the client.  The SSA drives greater value towards the Managed Security Service (MSS) customers through delivering services described in the MSS Service Description, providing additional security analysis, risk advisories, vulnerability assessment reporting, and service reporting over the lifecycle of the contract. Primary functions will include but are not limited to security incident trending analysis and reporting, security gap analysis, executive reporting, vulnerability assessments and reporting, and keeping abreast of industry trends.

Job Description:

  • Provide onsite support delivering a consultative approach by performing continuous incident analysis, service analysis, gap analysis using defined tools and techniques to assist clients in making necessary decisions to improve overall security program
  • Understands how to quantify risk using threat likelihood, implementation state, and business impact variables
  • Understands how to prioritize remediation efforts based on business need, compliance need, and/or risk reduction need
  • Understands how to analyze discovery scan data and vulnerability data to determine unusual use configurations, discovery of aged software, and proper identification of high-severity vulnerabilities.  In most cases, the SSA will identify and remove false positive findings and/or downgrade certain vulnerabilities based on Verizon Risk Intelligence
  • Understands how to upload vulnerability details into MSS Security Portals; and analyze security incidents with the expectation of providing trending analysis and recommendations
  • Understands how to define action plans that are easy to implement, effective at reducing risk, and as much as possible will take advantage of existing people, processes, and technologies
  • Stay abreast of the changing enterprise solutions and security needs of the customer; and obtain a working familiarity of the clients’ enterprise solutions market, practices, organization, stakeholders, risks, key decision makers and strategic objectives
  • Develop and create Executive Briefings (frequency is based on client demand).  The Executive Briefing will illustrate Implementation/Operational score, Threat and/or Vulnerability score, trending details, and may include high-level action plans
  • Detailed Vulnerability Reports (frequency is based on client demand).  The Detailed Vulnerability Reports will illustrate summary and detailed findings in regards to aged software, unusual use configurations, and vulnerability severity
  • Monitors change activity, including device feature and maintenance release upgrades as well as vulnerability patches.
  • Provides training and information to clients on MSS portal and services at inception and periodically as new features and enhancements to portal and service are made, as well as “refresher” training as necessary
  • Provides training and education to internal VES teams, including SOC, engineering, etc. on client contracts, SLA’s, specific network anomalies, etc. to allow for proper operational support
  • The SSA may be responsible for maintaining some level of client specific documentation set as defined in the contract and approved by VES MSS; and maintains client information in designated CMDB, Wiki pages, Operational Playbooks, and document repositories
  • Be client’s advocate and spearhead the development of extra or new and non-standard functionality within the Verizon product & service portfolio in the interest of the Client
  • Monitor & audit the service implementation phase, ensuring service implementation is meeting or exceeding contractually obligated timelines and client needs and expectations, as well as meeting operational support requirements (Ready For Service (RFO – start billing & Ready For Operations – start of SLA,  activities & checklists)
  • The dedicated Security Service Advisor (SSA) ensures that the service is delivered as described in the Service Description (SD) and Service Level Agreement (SLA) per contract. S/he is the Single Point of Contact (SPOC) and advocate for the customer. The dedicated SSA provides recommendations to Product Management and Development teams for service improvements

Qualifications

Experience and Skills Requirements:

  • Minimum 5-7 years in the Information Security field in a client-facing security services advisor, security analyst, security engineer
  • Must have background, experience, and understanding of networking and network security technologies such as Firewalls, IDS/IPS, Proxies, Content Filtering, Application security, SIEM and Log, monitoring/management, Vulnerability Management, Risk and Compliance
  • Previous experience in an operations, engineering or other technical role within networking, network security, IT and/or telecommunications field, particularly in a client facing role
  • Ability to analyze log data, threat data, and threat intelligence information, interpret, and communicate derived meaning to client with recommendations for risk mitigation strategies
  • Ability to understand and communicate technical issues to various levels of personnel, including analysts, engineers, management and “C” level executives
  • Custom Reporting experience requiring strong skills with MS Excel, including pivot tables, macros, enhanced formulas, etc
  • Strong analytical skills, technical writing skills, and communication skills
  • Understands ITIL, service management and quality management practices
  • Works well in team environment and as a sole contributor – a self-starter who does not need daily direction
  • Possess excellent crisis management skills and set customer expectations where applicable
  • Ability to travel as required – Travel demand will/can include external functions including visits to Customers, Sales offices, industry events; estimated at 25 – 30% overnight travel

Preferred Skills and Experience:

  • Bachelor’s Degree in the Information Technology, Information Assurance, or related fields preferred
  • Network Security certifications (CISSP, C|EH, Security+, SANS, ISACA, Vendor Certificates) preferred
  • Project Management training/certification preferred
  • Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred

Equal Employment Opportunity

We’re proud to be an equal opportunity employer – and celebrate our employees’ differences, regardless of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, or Veteran status.  Different makes us better.

Source:http://jobs.verizon.com/jobs/5866501-security-services-advisor?tm_job=437301-1D&tm_event=view&tm_company=781&bid=0&bid=326&aasi=2&CID=pst

. . . . . . . .

Print Friendly, PDF & Email

Leave a Reply