Network Security Principal Engineer

About The Position

Requirements

• Requires a Bachelor's degree in Computer Science, Cybersecurity, or a related field, or 6 -10+ years of equivalent relevant work or military experience.
• Expert-level experience in securing/hardening management and Out-Of-Band (OOB) networks that support telemetry services for multi-vendor environments (Cisco IOS-XR/XE, Palo Alto, F5, Arista).
• Proven ability to leverage TCP/IP internals, DNS security, and flow-based analysis (NetFlow/IPFIX) to baseline network behavior and intercept sophisticated lateral movement.
• Strong practical experience with Splunk/SIEM tools is necessary for data analysis, dashboard creation, alerting, automation, risk-based alerting, managing notable events, and defining/tuning correlation searches.
• Familiarity with Identity and Access Management (IAM) solutions is also beneficial.
• Demonstrated leadership skills are required, along with the ability to lead and manage cross-functional projects, build consensus, resolve conflict, negotiate, and possess strong analytical, communication, and programming skills.

Nice To Haves

• Possession of a CCIE (Service Provider or Security) or Nokia NRS II/SRA is required.
• Additional certifications such as CISSP, CompTIA Security+, OSCP, CCNP, CCIE, or CCNA are beneficial.
• Expertise in using Python, Ansible, or Terraform to automate network device configurations and operations.
• Competence in using Splunk or Elasticsearch for network data analysis, creating dashboards, setting up alerts, and handling large-scale internet data sources (Netflow, BGP, DNS, IDS logs).
• Knowledge of Firewalls, VPNs, IDS/IPS, DDoS mitigation, encryption technologies (IPsec, TLS), identifying vulnerabilities in RAN, and Security Information and Event Management (SIEM) tools like Splunk.
• Familiarity with Network Function Virtualization (NFV), Identity and Access Management (IAM) solutions, the system development lifecycle, mitigating network/system/application layer attacks, and working with SQL/NoSQL databases and UNIX/Linux operating systems.
• Strong organizational, project management, and written/verbal communication abilities, with the capacity to collaborate with various stakeholders and demonstrate leadership and mentoring skills.
• Fluency in security frameworks, particularly the application of CIS Benchmarks (Level 1 & 2 hardening) and mitigating MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) on network devices, along with a solid understanding of network security fundamentals.

Responsibilities

• Set strategic direction and define architectural patterns for long-term resilience.
• Lead the design, architecture, and implementation of cutting-edge network security solutions to address technology gaps.
• Act as the security subject matter expert in network design reviews, ensuring that all network assets meet stringent carrier-grade security standards and embed secure design patterns.
• Drive continuous improvement of network visibility and telemetry collection, conduct proactive threat hunting, and serve as escalation support for network security incidents.
• Execute root cause analysis for incidents, perform regular security control assessments, and lead strategic security solution implementation in a highly scalable environment.
• Design, develop, and refine high-fidelity detection logic to identify adversarial behavior across the network.
• Develop essential technical documentation, including Playbooks, Confluence pages, Network diagrams, and Method of Procedures (MOPs).
• Drive security architecture, lead policy implementation, manage incident response, and integrate security principles early into the development lifecycle.
• Leverage tools or custom automation, eg, Python, Ansible playbooks to run automated audits against security benchmarks, ensuring zero configuration drift.
• Proactively search for signs of lateral movement, exfiltration, and persistence within the environment using the MITRE ATT&CK framework as a guide.
• Analyze network logs and configurations to identify vulnerabilities, recommend & build proactive mitigations.
• Develop comprehensive assessment reports and provide prioritized recommendations for remediations.
• Identifying opportunities to mentor, guide, and delegate technical documentation/tasks to support the team and broader organization

Benefits

• Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon.
• From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance.
• We also offer a matched 401(k) savings plan, up to 8 company paid holidays per year and up to 6 personal days per year, paid parental leave, adoption assistance and tuition assistance, plus other incentives, we’ve got you covered with our award-winning total rewards package.
• Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc.
• Newly hired employees receive up to 15 days of vacation per year, which grows with additional service.