Principal Network Security Engineer

Apply prior to the end date:
July 3, 2026

At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We drive innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together—lifting our communities and building trust in how we show up, everywhere & always.

Join the #VTeamLife.

The Global Networks & Technology Network Security team is looking for a highly motivated and experienced Senior Engineer to join the Security Defense organization. Your primary focus will be safeguarding critical routing infrastructure and data center fabrics that power 5G services, including spine‑leaf fabrics, firewalls, and load balancers.

You will build a deep understanding of the asset function, develop intelligent threat detections, and improve overall security hygiene by implementing the Network Security Fundamentals (Access Management, Situational Awareness, Configuration Hardening, Vulnerability Mitigation).

You should be fluent in Cisco IOS XE/XR/NX‑OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS, and able to translate high‑level security frameworks into concrete device configurations.

• Provide recommendations to improve defensive cyberspace operations (DCO‑IDM) and the cyber resilience of portfolio systems and services.
• Collaborate with stakeholders to improve core networking security posture through the assessment and implementation of the Network Security Fundamentals.
• Recommend improvements to defensive cybersecurity practices.
• Discover, identify, and confirm inventory of all network assets and asset information (model, version, etc.) in your area of responsibility.
• Develop a deep understanding of the network assets and roadmap to assess vulnerability impacts and identify end‑of‑life/end‑of‑support hardware/software.
• Establish a baseline of normal operations and implement intelligent threat detections to alert on deviations.
• Perform log analysis and develop incident response protocols to quickly identify, contain, and resolve network security incidents and threats.
• Architect security hardening and implement CIS Benchmarks for Cisco IOS XE/XR/NX‑OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS to enforce “Gold Standard” configurations.
• Design and audit ACLs to drive segmentation strategy across network infrastructure.
• Create and use automation tools (Ansible, Splunk) and programmatic methods to build lifecycle management workflows, perform configuration compliance, and implement threat modeling/detection.
• Drive adversary emulation by mapping core network defenses directly to the MITRE ATT&CK for Network Devices matrix.

You are driven to pinpoint problems and tenacious about finding solutions, organized, detail‑oriented, dependable, accountable, and proactive.

• Bachelor’s degree or four or more years of relevant work experience in data networking and telecommunications, with expert knowledge of TCP/IP (IPv4 & IPv6), VXLAN, SR, EVPN, OSPF, and BGP.
• Six or more years of relevant work experience.
• Hands‑on experience in Carrier/Service Provider Network Engineering or Security with proficiency in Cisco IOS XE/XR/NX‑OS, Nokia SR OS, Juniper OS, and F5 F5OS/TMOS.
• Proven experience securing spine‑leaf architecture and data center fabrics with strong BGP security (RPKI, prefix‑lists, TTL security) and IGP security (OSPF/IS‑IS authentication).
• Fluency in CIS Benchmarks and application of Level 1 & Level 2 hardening profiles.
• Track record of managing and delivering results; ability to explain how specific network controls mitigate specific tactics, techniques, and procedures in the MITRE ATT&CK Network Devices matrix.
• Strong leadership and mentoring abilities.
• Ability to work with diverse stakeholders, including technical teams, business owners, and executives.
• Effective written, interpersonal, and verbal communication skills.

• Cisco: CCIE (Service Provider or Security)
• Nokia: NRS II (Nokia Routing Specialist) or SRA (Service Routing…