Senior Manager Security Engineering - Ashburn, VA

When you join Verizon Verizon is one of the world''s leading providers of technology and communications services, transforming the way we connect across the globe. We''re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward - and you can too. Dream it. Build it. Do it here. What you''ll be doing... The Verizon Corporate Information Security (CIS) organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. CIS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services. The Platform Security team within Verizon''s Corporate Information Security (CIS) organization works to embed security seamlessly into the development and operations lifecycle of technology systems and services.• We are looking for an experienced Senior Manager to lead the Software Security Center of Excellence across multiple delivery teams and technology functions. You will be responsible for the following primary activities: • Lead a team of high-performing individuals who partner across multiple teams to define, implement and improve Secure-SDLC standards, practices and processes. • Drive adoption of Secure-SDLC capabilities and best practices by Security Mavens and Product/Network teams, through training, certification, and automation. • Lead security architecture and design, and build CoE for security reference architectures, frameworks and testing/validation tools. Maintain roadmaps, service operational commitments and metrics across the partnering delivery teams. • Define cloud operating model, cloud security services and service metrics. • Define and continually update security requirements to align with emerging architectures, technologies, regulatory and threat landscape. • Evaluate security products in the market for Verizon needs and drive Proof of Concepts and Proof of Value with stakeholders. On selection, drive adoption across technology teams to realize full value. • Conduct Secure-SDLC activities including threat modeling to identify security vulnerabilities, determine risk and identify mitigations for both Security of DevOps tools and Security integrated into the DevOps process. • Develop and improve metrics that drive desired behavior and security outcomes. • Maintain a team culture of collaboration, openness and approachability while educating on security policies, and facilitating progress with stakeholders. Where you''ll be working... In this hybrid role, you''ll have a defined work location that includes work from home and assigned office days set by your manager. What we''re looking for... You''ll need to have: • Bachelor''s degree or four or more years of work experience. • Six or more years of relevant work experience. • Experience in Information Security and Full-stack Application Development, • Experience managing teams of engineers and program managers. Even better if you have one or more of the following: • A degree in Computer Science, Information Technology, Software Engineering, Information Security, or a related discipline. • Application and Cloud Security experience in production environments. • Application architecture and development experience. • Security certifications: CISSP, CISM, CRISC, GSEC or willingness to obtain within 12 months of hire. • Experience implementing Agile methodologies and integrating security tools into CI/CD. • Experience with various application security tools including SAST, SCA, DAST, IAST, RASP, Penetration testing, Fuzzing, Cloud Security Posture etc. • Experience building secure software based on frameworks such as OWASP, CWE, SANS, OpenSAMM, BSIMM. • Experience with methodologies and tools, for threat analysis of complex systems, such as threat modeling and software fuzzing. • Experience leading security vulnerability remediation and mitigation activities. • Proficient with common web/mobile/cloud attack vectors and related mitigation strategies. • Possess domain knowledge of common information security management frameworks and regulatory requirements and applicable standards such as ISO 27001, SOC 2, HIPAA, GDPR, PCI, Sarbanes-Oxley, etc. • Ability to deal with ambiguity, make meaningful decisions and demonstrate concrete progress even with incomplete information. • Experience coding in Java, Python, or Go, and at least one scripting language. • Knowledge of web, mobile, API, Microservices, network and security architectures and design patterns. • Knowledge of AWS, Azure, GCP and OCI native security tools. • Knowledge of security best practices, principles, and common security frameworks (e.g., NIST, ISO, Common Criteria, TCSEC, OWASP). • Experience with data architecture, modeling and integration. • Knowledge of current and emerging security technologies, threats and techniques for exploiting security vulnerabilities. • Knowledge of developer tools and environments, project management and bug tracking systems. • Ability to secure container-centric deployments using Docker and Kubernetes. • Experience with process improvement, automation release management, and system development life cycles. • Experience with data security and governance. • Experience implementing quantitative risk methodologies. 22CyberAPP Equal Employment Opportunity We''re proud to be an equal opportunity employer - and celebrate our employees'' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more. COVID-19 Vaccination Requirement NYC candidates: Verizon requires new hires to be fully vaccinated against COVID-19 for onsite and hybrid NYC roles. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical or religious reasons). Additional information will be provided during the hiring process. PandoLogic. Software Development Manager, Location: Lovettsville, VA - 20180 , PL: 545202129

Created: 2025-09-06