M+E Technology Job Board

Paranoids Product Security Engineering

  • Full Time
  • Sunnyvale, CA
  • Applications have closed

Verizon Media

The Role:

Reporting to the Paranoids Architecture, Engineering and Assurance function, you will identify and execute secure development activities, including: security testing, design review, secure code review, and integration of automation with DevOps processes. You will work with development teams for Verizon Media and begin to lead the evolution of our secure development processes for the overall enterprise.


Conduct code review and web application security testing in a variety of technical frameworks and Verizon Media brands.

Begin to create application threat models and provide guidance on effective countermeasures.

Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology.

Develop subject matter expertise in encryption, security controls, risk management, and secure design and programming practices across Verizon Media engineering teams.

Improve and implement security processes, procedures, and guidelines related to Product Security and secure code development.

Help to evaluate and operationalize new technologies for securing the organization.

Train and mentor Security Champions throughout the development

Share thought leadership in the product and application security space

Secure large-scale applications and infrastructure across Verizon Media engineering teams per Verizon Media standards.

Build projects for static analysis, triage results, and communicate findings back to teams.

Deliver day to day findings, remediations, and fixes in a manner that can be understood by multiple audiences.

Work with internal stakeholders to identify product security technology needs, provide guidance, and contribute to the growth and development of the Paranoids.

Evaluate and operationalize new technologies for securing the organization

Provide tier 3 engineering support to remediate critical security bugs

Required Qualifications:

3+ years of hands-on technical experience such as in application development or security

Ability to incrementally review designs, code, and operation at DevOps pace as well as

Ability to deeply review design, code, and operation consistent with classic security analyses

Knowledge of application security vulnerabilities, secure coding, and countermeasures

Experience with application programming and the overall software development life cycle

Ability to prioritize between and execute on multiple work streams

Written and verbal skills for communicating security concepts and solutions

Excellent organizational and interpersonal skills

Communicates effectively with team members, and key stakeholders; contributes to technical meetings.

Bachelor’s degree in CS/EE or related area or equivalent job experience

Preferred Qualifications:

Knowledge of software development lifecycles and methodologies; proficient in how Verizon Media builds software.

Understanding of attacker lifecycles and defender strategies.

Comfortable collaborating with all Paranoids and across Verizon Media.

Experience collecting, analyzing, and presenting security metrics.

One of the following certifications: CISSP, CCSSP, CSSLP, OSCP, GMOB, GWAPT, CISM, CISA.