Attack Surface Analyst
Listed on 2026-02-20
IT/Tech
Cybersecurity
When you join Verizon
You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world.
Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.
As an Attack Surface Management (ASM) & Web Application Scanning (WAS) Security Analyst, you will be a critical member of Verizon's Exposure and Vulnerability Management (EVM) team. Your mission is to think like an adversary to identify, analyze, and mitigate Verizon's digital and physical exposure across a global footprint, including Public Cloud, On-Premise Data Centers, OT/Industrial environments, and Third-Party ecosystems.
You will bridge the gap between external threat visibility and internal risk reduction, shifting our posture from reactive scanning to proactive, continuous monitoring and automated web application security.
Key Responsibilities include:
Digital Asset Discovery & Web Scanning
Continuous Monitoring: Implementing and managing automated discovery of "known and unknown" assets, including Shadow IT, abandoned infrastructure, and expired domains.
Web Application Security: Leading the strategy for Web Application Scanning (WAS); configuring and maintaining automated scans to detect vulnerabilities.
Cloud & Edge Governance: Identifying misconfigured cloud resources (AWS, Azure, GCP) and exposed edge computing nodes.
Classification: Maintaining a dynamic asset tagging strategy to ensure findings are prioritized based on business criticality and data sensitivity.
Analysis & Risk Prioritization
Threat Correlation: Mapping ASM and Web findings against MITRE ATT&CK frameworks and real-world threat intelligence to identify high-likelihood attack paths.
Validation: Distinguishing between "theoretical vulnerabilities" and "reachable exposures" through manual validation and proof-of-concept testing to reduce noise for remediation teams.
Vulnerability Synergy: Collaborating with the wider EVM team to integrate ASM and Web scanning data into unified platforms like Tenable One.
Operational Excellence & Automation
Engineering & Scripting: Using Python to build custom integrations between ASM tools, Web Scanners, and internal orchestration platforms (SOAR/Splunk).
Strategic Remediation: Partnering with Security Architecture to implement "guardrails" (e.g., automated blocking of high-risk ports or WAF rule deployment).
Reporting: Producing weekly Key Performance Indicators (KPIs) and trend reports that translate technical exposure into business risk for leadership.
You'll need to have:
Bachelor's degree or four or more years of experience.
Four or more years of relevant work experience demonstrated through one or a combination of job-related work experience, military experience, or specialized training or education (non-collegiate).
Minimum of four years in Cybersecurity, with at least two years specialized in Attack Surface Management / Web Application Scanning, External Attack Surface Management (EASM), or Offensive Security.
Three or more years of Python experience (or equivalent) for automation and API integration.
Hands-on experience with: ASM platforms such as Palo Alto Xpanse, Randori, Censys, Shodan, or BitSight; web scanning applications such as Burp Suite Enterprise, Tenable.io WAS, Qualys WAS, or Invicti; and Vulnerability Platform Management experience with Tenable, Qualys, or Rapid7.
Even better if you have one or more of the following:
Exceptional ability to document complex technical findings and present them clearly to non-technical stakeholders.
Certifications such as CISSP, OSCP, GIAC (GEVA/GXPN), or CRTO.
Proven experience securing multi-cloud environments (AWS/Azure/GCP) and understanding Kubernetes/Container security.
Experience as a…