When you join Verizon

You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

What you will be doing:

The Verizon Cyber Security (VCS) organization enables the business by protecting assets and information across Verizon networks, infrastructure and applications. VCS integrates cybersecurity governance, policies, technologies and operations across Verizon, and works to incorporate security into the design of technology systems and services.

Verizon Cybersecurity (VCS) is seeking a Red Team Operator to join our Enterprise Red Team. This role will lead and participate in designing and executing red team campaigns and penetration testing exercises that test, measure, and improve people, process, and technology. The objective-based campaigns will cover multiple types of targets within Verizon. The successful candidate will be able to evaluate environments, applications, systems, and processes to discover weaknesses and leverage those discoveries into actionable real-world attack strategies.

The ideal candidate will have the ability to emulate adversarial thinking, and possess a deep understanding of operating system security, networking protocols, firewalls, databases and middleware applications, forensics, scripting and programming, and phishing techniques. Additionally, the candidate will have the ability to communicate highly technical information to internal customers to align with VCS and broader Verizon objectives.

• Leading and executing comprehensive Red Team assessments, including adversary/threat simulation and emulation, social-engineering testing, and cybersecurity control bypass techniques.

• Developing adversary emulation plans that align with MITRE ATT&CK by incorporating cyber threat intelligence.

• Configuring and safely utilizing attacker tools, tactics, and procedures for Verizon environments

• Developing presentations and reports that effectively communicate to both technical and executive audiences.

• Assisting offensive security assessment operations in support of Red, Blue, and Purple Teams.

• Planning and executing comprehensive penetration testing exercises, including vulnerability scanning, network reconnaissance, and exploitation of identified weaknesses.

• Continuously enhancing the organization's security posture by sharing knowledge and expertise with other security team members.

• Effectively communicating findings and strategies to client stakeholders, including technical staff, executive leadership, and legal counsel.

• Providing risk-appropriate and pragmatic recommendations to correct found vulnerabilities.

• Developing scripts, tools, or methodologies to enhance Verizon’s red teaming and penetration testing processes and tradecraft.

• Providing leadership and guidance to advance the offensive capabilities of the team and its subsequent ability to defend the Verizon Enterprise.

What we are looking for...

You need to have:

• Bachelor's degree or four or more years of experience.

• Four or more years of relevant work experience.

• Experience with red team methodologies.

• Knowledge of adversary tactics, MITRE ATT&CK and knowledge of real attackers behaviors.

• Shell scripting or tasks automation skills using languages such as Python, Powershell, or Bash.

• Experience with Purple teaming, penetration testing and exploitation.

Even better if you have one or more of the following:

• A technical field degree.

• Proficiency with security tools, including C2 frameworks.

• Familiarity with blue team processes and technologies, including EDR, NDR, SIEM, data sources, and threat hunting.

• Exploit, shellcode, or exploit tool development, extension, or modification experience.

• Experience building adversary emulation plans.

• Active directory security skills.

• Experience with Email, phone, or physical social-engineering assessments.

• Experience with Source code review for control flow and security flaws.

• Experience with Cyber Threat Intelligence.

• Solid understanding in hosting environments, including containerization platforms like Docker and Kubernetes, and virtual machines operating on hypervisors.

• An implementation level familiarity with common classes of modern exploitation.

• Profound knowledge of covert channels, network protocols, and data on the wire.

• Proficiency with bash and Powershell, and expertise in Unix/Linux/macOS/Windows operating systems.

• The ability to read and evaluate applications written in multiple languages, such as JAVA, .NET, C#, and others is preferred and encouraged. Programming skills are also a plus.

• Certifications in the industry, such as CRTO, OSCP, OSCE, GXPN, GPEN, GCIH, OSWE and GWAPT.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Where you’ll be working

In this hybrid role, you'll have a defined work location that includes work from home and a minimum eight assigned office days per month that will be set by your manager.

Scheduled Weekly Hours

40

Equal Employment Opportunity

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

You want more out of a career. A place to share your ideas freely. We power and empower how people live, work and play by connecting them to what matters most. If that inspires you, start the next chapter of your career here.