The primary goal of the dedicated Cyber Threat Advisor is to aggregate security, vulnerability, and threat data, analyze unusual and interesting patterns, and then communicate the risk that data implies to the customer, providing actionable intelligence and recommendations based on the threat data. Your goal is also to develop and maintain the client relationship, ensuring client satisfaction with the security solutions, operations, quality and assurance Verizon is providing to the client. The Cyber Threat Advisor drives greater value towards the Managed Security Service (MSS) customers through delivering services described in the MSS Service Description, providing additional security analysis, risk advisories, vulnerability assessment reporting, and service reporting over the lifecycle of the contract. Primary functions will include but are not limited to security incident trending analysis and reporting, security gap analysis, executive reporting, vulnerability assessments and reporting, and keeping abreast of industry trends.
- Provide support delivering a consultative approach by performing continuous incident analysis, service analysis, gap analysis using defined tools and techniques to assist clients in making necessary decisions to improve overall security program
- Understands how to quantify risk using threat likelihood, implementation state, and business impact variables
- Understands how to prioritize remediation efforts based on business need, compliance need, and/or risk reduction need
- Understands how to analyze discovery scan data and vulnerability data to determine unusual use configurations, discovery of aged software, and proper identification of high-severity vulnerabilities. In most cases, the Cyber Threat Advisor will identify and remove false positive findings and/or downgrade certain vulnerabilities based on Verizon Risk Intelligence
- Understands how to upload vulnerability details into MSS Security Portals; and analyze security incidents with the expectation of providing trending analysis and recommendations
- Understands how to define action plans that are easy to implement, effective at reducing risk, and as much as possible will take advantage of existing people, processes, and technologies
- Stay abreast of the changing enterprise solutions and security needs of the customer; and obtain a working familiarity of the clients’ enterprise solutions market, practices, organization, stakeholders, risks, key decision makers and strategic objectives
- Develop and create Executive Briefings (frequency is based on client demand). The Executive Briefing will illustrate Implementation/Operational score, Threat and/or Vulnerability score, trending details, and may include high-level action plans
- Detailed Vulnerability Reports (frequency is based on client demand). The Detailed Vulnerability Reports will illustrate summary and detailed findings in regards to aged software, unusual use configurations, and vulnerability severity
- Monitors change activity, including device feature and maintenance release upgrades as well as vulnerability patches
- Provides training and information to clients on MSS portal and services at inception and periodically as new features and enhancements to portal and service are made, as well as “refresher” training as necessary
- The Cyber Threat Advisor may be responsible for maintaining some level of client specific documentation set as defined in the contract and approved by VES MSS; and maintains client information in designated CMDB, Wiki pages, Operational Playbooks, and document repositories
Security Service Management:
- The Cyber Threat Advisor ensures that the service is delivered as described in the Service Description (SD) and Service Level Agreement (SLA) per contract. S/he is the Single Point of Contact (SPOC) and advocate for the customer.
- The Cyber Threat Advisor provides recommendations to Product Management and Development teams for service improvements.
- Serve as client’s primary point of contact and advisor within Verizon Managed Security Services and escalated service issues
- Serve as advocate and spearhead the development of extra or new and non-standard functionality within the Verizon product & service portfolio in the interest of the Client
- Develop and manage service improvement plans, incident reports, action plans, operational security management forums and escalation management, identify service gaps in maintaining value propositions for security solutions
- An Associate’s degree or equivalent experience.
- Two or more years in the Information Security field in a client-facing security services advisor, security analyst, or security engineer
- Must be able to obtain a US government clearance at a Public Trust level
- Background, experience, and understanding of networking and network security technologies such as Firewalls, IDS/IPS, Proxies, Content Filtering, Application security, SIEM and Log, monitoring/management, Vulnerability Management, Risk and Compliance.
- Previous experience in an operations, engineering or other technical role within networking, network security, IT and/or telecommunications field, particularly in a client facing role.
- Capability to analyze log data, threat data, and threat intelligence information, interpret, and communicate derived meaning to client with recommendations for risk mitigation strategies
- Understands ITIL, service management and quality management practices
- Ability to travel as required – Travel demand will/can include external functions including visits to Customers, Sales offices, industry events. Travel estimated at 25% or less.
Ideally, you’ll also have:
- A Bachelor’s Degree in the Information Technology, Information Assurance, or related field.
- MTIPS Experience.
- Project Management training/certification.
- Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification.
- Demonstrated ability to understand and communicate technical issues to various levels of personnel, including analysts, engineers, management and “C” level executives.
- Strong analytical skills, technical writing skills, communication skills, crisis management skills.
- Network Security certifications (CISSP, C|EH, Security+, SANS, ISACA, Vendor Certificates).
Not to boast, but a little bit about us
Verizon powers America’s fastest and most reliable network. We’re also leading the way in cloud and security solutions, Internet of Things and video entertainment. Technology moves fast and so do we. We believe that bringing great ideas and customer experiences to life should be recognized and rewarded. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer – and celebrate our employees’ differences, regardless of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.