Skip to main content
Back to jobs

Principal Network Security Engineer

External
verizon logoVerizon · Southlake, TX
Part-timeHybrid2w ago
AnsibleAuditingBGPComplianceIncident ResponseiOS
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

Responsibilities

  • Providing recommendations to improve defensive cyberspace operations - internal defensive measures (DCO-IDM) and the cyber resiliency of the portfolio's systems and services.
  • Collaborating with stakeholders to improve the core networking security posture through the assessment and implementation of the Network Security Fundamentals (Access Management, Situational Awareness, Configuration Hardening, Vulnerability Mitigation).
  • Providing recommendations to improve defensive cybersecurity practices.
  • Discovering, identifying, and confirming inventory of all network assets and asset information (model, version, etc) in your respective area of responsibility.
  • Building a deep understanding of the network assets and the roadmap to quickly assess the impact of vulnerabilities and identify End-of-Life/End-of-Support hardware/software.
  • Developing a baseline of normal operations and implement intelligent threat detections to alert on deviations to proactively identify potential cyber threats.
  • Performing log analysis and develop incident response protocols to quickly identify, contain, and resolve network security incidents and threats.
  • Architecting security hardening and implementation of CIS Benchmarks for Cisco IOS XE/XR/NX-OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS to enforce "Gold Standard" configurations.
  • Designing and auditing of ACLs to drive segmentation strategy across network infrastructure.
  • Creating and using automation tools (Ansible, Spunk) and programmatic methods to build life cycle management workflows, perform configuration compliance, and implement threat modeling / detection.
  • Driving adversary emulation by mapping core network defenses directly to the MITRE ATT&CK for Network Devices matrix.
  • What we're looking for...
  • You're driven to pinpoint a problem and tenacious about finding a solution. You're organized and pay attention to details. You are the person that others rely on. You are accountable and follow through with a sense of urgency.
  • You'll need to have:
  • Bachelor's degree or four or more years of relevant work experience demonstrated in data networking and telecommunications, including expert knowledge of TCP/IP (IPv4 & IPv6), VXLAN, SR, EVPN, OSPF, and BGP.
  • Six or more years of relevant work experience
  • Demonstrated experience in Carrier/Service Provider Network Engineering or Security with hands-on proficiency with Cisco IOS XE/XR/NX-OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS.
  • Proven experience securing Spine-Leaf architecture and data center fabrics with strong knowledge of BGP security (RPKI, prefix-lists, TTL security) and IGP security (OSPF/IS-IS authentication).
  • Framework fluency in CIS Benchmarks applying Level 1 & Level 2 hardening profiles.
  • Proven track record of managing and delivering results.MITRE ATT&CK: Ability to explain how specific network controls mitigate specific TTPs (Tactics, Techniques, and Procedures) in the Network Devices matrix.
  • Strong leadership and mentoring abilities.
  • Ability to work with diverse stakeholders including highly technical teams, business owners, and executives.
  • Effective written, interpersonal, and verbal communication skills.
  • Even better if you have one or more of the following:
  • Cisco: CCIE (Service Provider or Security)
  • Nokia: NRS II (Nokia Routing Specialist) or SRA (Service Routing Architect).
  • Juniper: JNCIE (Service Prov

Additional Information

When you join Verizon You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What you'll be doing... At Verizon, the Global Networks & Technology Network Security team is looking for a highly motivated and experienced Senior Engineer to join the Security Defense organization. The Defense teams are responsible for safeguarding critical routing infrastructure and data center fabrics that power 5G services including spine-leaf fabrics, firewalls, and load balancers. You will be expected to build a deep understanding of the asset function and roadmap enhancements, develop intelligent threat detections and safeguards through proactive monitoring, and improve the overall security hygiene by implementing the Network Security Fundamentals (Access Management, Situational Awareness, Configuration Hardening, Vulnerability Mitigation). We need an expert who speaks the language of Cisco IOS XE/XR/NX-OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS and who can translate high-level security frameworks into concrete, low-level device configurations.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at verizon? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect