Network Security Engineer II

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

The GN&T Network Security team is looking for a highly motivated and experienced Cybersecurity Engineer to join the Network Security Defense team. The Defense teams are responsible for owning the security lifecycle and effectiveness across the Core, Edge, and Access networks, as well as all systems and network functions within GN&T. In this role, you will be critical in advancing our security posture through real-time Threat Monitoring & Detection using SIEM tools like Splunk, leading Incident Response efforts during a breach, and managing the continuous Vulnerability Management lifecycle across networks and applications. The position also requires expertise in defining and implementing robust Security Architecture, including firewalls, encryption, centralized Identity and Access Management, and Multi-Factor Authentication (MFA). A strong candidate will also possess advanced Threat Hunting skills, including Advanced Networking & Protocol Analysis, Endpoint & Memory Forensics, Data Science & Querying, and demonstrable experience in Automation & Scripting to enhance our Cybersecurity tooling. Candidates are expected to possess requisite expertise encompassing the design and deployment of comprehensive security architectures, including firewalls, encryption, Identity and Access Management (IAM), and Multi-Factor Authentication (MFA). This expertise extends to the securing and hardening of management networks, particularly those utilized for telemetry. Furthermore, a strong foundation in network fundamentals (TCP/IP, DNS, flow data) is essential for effective discernment of malicious traffic. Responsibilities include managing security projects aimed at vulnerability remediation in collaboration with engineering teams, as well as the development and meticulous refinement of threat detection capabilities within Security Information and Event Management (SIEM) platforms, such as Splunk.

• Support Security Improvements: Support the identification of security gaps and lead the design, architecture, and implementation of appropriate security solutions.

• Partner across Operations, Engineering, and Planning organizations to ensure secure design patterns are embedded into new deployments and major changes.

• Work with lead engineers on strategic security technical challenges and complex investigations.

• Provide expert analysis during active incidents, support root cause analysis, and produce clear reports outlining timelines, impact, and remediation.

• Perform regular security control assessments to validate configuration effectiveness and close gaps discovered during active hunts.

• Articulate complex technical concepts clearly to diverse internal and external audiences.

You must have...

• Bachelor's degree or one or more years of relevant work experience.

• One or more years of relevant work experience, demonstrated through one or a combination of work and/or military experience, or specialized training.

• Ability to write complex, optimized SPL (Splunk Search Language), including data models, lookups, and dashboards for threat analysis.

• Distinction between Control Plane, Data Plane, and Management Plane security.

• Knowledge of routing protocols (BGP, OSPF, IS-IS) and how to protect them from hijacking or manipulation.

Even better if you also have...

• Certifications: Security (CISSP, CISM, OSCP, Security+) or Networking (PCNSE, CCNP, CCNA).

• Internet-Scale Data: Hands-on experience with Netflow, BGP, DNS, and IDS logs at scale.

• Knowledge of NIST 800-61 and MITRE ATT&CK methodologies.

• Experience with risk-based alerting, asset/identity correlation, and big data tools like Elasticsearch.

• Unix or Linux expertise and experience with encryption (IPsec, TLS) and DDoS mitigation.

• Effective written and verbal communication skills for cross-functional collaboration.

• Deep understanding of network fundamentals (TCP/IP, DNS) and advanced knowledge of router operations, including:

• Experience analyzing NetFlow/IPFIX data to distinguish between legitimate traffic and malicious patterns.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance, plus other incentives, we've got you covered with our award-winning total rewards package. Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc. Newly hired employees receive up to 15 days of vacation per year, which grows with additional service. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.