Digital Forensics and Incident Response Analyst

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

The Threat Management Center (TMC) serves as the initial point of defense for Verizon's networks and information systems, safeguarding them against internal misconduct and cyber-attacks. The TMC Advanced Cyber Defense (TMC-ACD) team is tasked with responding to, investigating, hunting and managing all incidents. Collectively, the teams strive to protect Verizon's employees, customers, brand reputation, and revenue streams through proactive identification, response, and mitigation of potential threats that could adversely affect Verizon or its business partners.

Verizon is looking for an innovative and motivated professional who will be responsible for safeguarding the Verizon enterprise. This individual will work on identified threats and will neutralize them through proactive hunting and detection, incident response and mitigation strategies, and ensure continuous operation of Verizon's on-prem and cloud environments.

The Digital Forensics & Incident Response role is an opportunity to work in a fast paced collaborative environment defending Verizon from current and future cyber threats. This position plays a critical role in Verizon's enterprise computing defense.

• Executing the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses.

• Operating as a trusted advisor on threat analysis during incidents for incident management teams and other stakeholders by following cybersecurity response methodologies such as the NIST Cybersecurity Framework.

• Serving as a primary point of contact during assigned on-call shifts, responding promptly to incidents, escalations, and critical alerts to minimize downtime and mitigate risks to the enterprise.

• Deploying security tools and leveraging logs and endpoint forensic analysis in order to complete a detailed and accurate assessment of security alerts and threats affecting the Verizon enterprise and cloud infrastructure.

• Assisting with the development of security controls for multiple platforms via automated capabilities by using advanced analysis and forensic techniques.

• Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices related to security and data privacy.

• Providing assistance and analytical evaluations for high-priority and significant security incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-related discussions.

• Identifying gaps in detections and collaborating with teams across Cyber Security to mitigate threats and improve the overall security posture.

• Recommending ways to mature and advance the preventive and defensive capabilities of the TMC. This includes leveraging data and knowledge to clearly communicate the use case for alert creation.

• Collaborating with cross-functional teams to respond, identify, and analyze the root cause of a cybersecurity incident.

• Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents.

• Enhancing, and/or implementing DFIR playbooks to ensure cohesive response repeatability.

• Assisting with producing operational read-outs and case reviews for peers and leadership that accurately capture the effectiveness of the DFIR organization.

• Continuously honing to build and maintain knowledge, skills, and abilities needed to maintain proficiency in producing thorough and accurate digital forensic analysis.

• Enhancing techniques, workflows and processes of security controls, compliance assessments, and DFIR procedures to drive the TMC operational and strategic growth (continuous improvement).

• Bachelor's degree or four or more years of work experience.

• Four or more years of relevant experience required, demonstrated through work experience and/or military experience.

• Experience working in Digital Forensic, Incident Response, and/or a Security Operations Center (SOC) environment(s).

• Ability to pass and/or obtain a security clearance.

• Awareness of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain.

• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them.

• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.

• Programming and Scripting Experience to enhance automations, ad-hoc forensic analysis and speed-up response times.

• Previous experience with log aggregation platforms such as Splunk, Elastic, Snowflake, LogRhythm, etc.

• Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and MacOS Operating Systems

• Demonstrates leadership and mentoring skills to help advance the overall capabilities of the TMC organization.

• Ability to work in a highly collaborative environment needing strong communication, presentation, and leadership-like skills

• Exhibits initiative, follow-up and follow through with commitments

• Certifications like: Network+, Security+, CISSP, EnCE, CFCE, C|EH, C|HFI, GCFA, GCFE, GCIH and/or cloud-specific security certifications (e.g. AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer)

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan, stock incentive programs, up to 8 company paid holidays per year and up to 6 personal days per year, parental leave, adoption assistance and tuition assistance, plus other incentives, we've got you covered with our award-winning total rewards package. Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc. Newly hired employees receive up to 15 days of vacation per year, which grows with additional service. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.