Secur Cslt Iv-sec Risk Mgt

**When you join Verizon**:
You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.

The Audit Lifecycle Management (ALM) team within the Governance, Risk and Compliance (GRC) organization, plays an important role in driving and supporting Verizon’s adherence to external regulations & internal controls from a cybersecurity perspective. In this role, you will work with security leaders and business stakeholders to help ensure that we clearly represent Verizon’s information security posture. You will support the management and coordination of Cybersecurity audit related efforts including SOX 404 and Cybersecurity internal advisory audits. As part of a cohesive team, you will help build and optimize a cohesive, repeatable and sustainable program to effectively demonstrate effective control design and operating effectiveness.

As part of the ALM team, you will be expected to work independently and as a team, take ownership of tasks and drive successful outcomes. You should be comfortable interacting tactfully and confidentiality with internal and external information security leaders & audit personnel. You need to understand information security risk management, and creatively identify alternative ways of managing information security risk. If this sounds like you, this role may be the right fit. Check out the specific responsibilities below:
**What you’ll be doing...**:
**Evaluating and Testing Controls**
- Use effective auditing techniques (IT audit methodologies, automated testing techniques, basic data analytics) to optimize Information Technology General Controls (ITGC) testing approach
- Use your professional skepticism, to evaluate evidence submitted to satisfy the design and operating effectiveness of ITGC’s, and render your overall opinion.
- Clearly and concisely document testing procedures performed with sufficient detail that testing procedures can be performed independently
- Create and maintain control narratives and process flow documentation that can be used to demonstrate how processes and controls are implemented to reduce risk.
- Be receptive to feedback and quickly address any review comments found as part of evaluator review of testing performed

**Evaluating Process Design and Advising on Opportunities to Optimize or Improve to Reduce Risk**
- Lead walkthrough meetings and ask relevant questions to clearly understand how control processes are performed and document those processes sufficiently that others can understand how they operate.
- Be inquisitive and curious about processes and technologies with a focus on identifying potential security or control weaknesses that may cause risk.
- Understand and decompose complex IT processes and communicate them in simple and concise terms
- Use expertise to suggest creative, practical and cost effective solutions for mitigating identified risks

**Build a Best in Class Cybersecurity Audit Support Program**
- Consistently deliver high quality work products that fully address the criteria for which they were intended, requires mínimal modification, and are grammatically sound
- Actively assist with efforts to modernize audit related programs that will enable automation, repeatability, and simplification of efforts for our team, stakeholders and customers
- Proactively leverage problem solving and analytical skills to identify opportunities to further optimize the SOX 404 program, reduce waste or eliminate redundant efforts.
- Boldly challenge existing processes and actively look for new and transformative ways to optimally manage risk
- In this contributor role, take ownership of assigned areas of responsibility and effectively manage workload to meet deadlines
- Manage assigned areas of responsibility with urgency and purpose
- Leverage customer service expertise to effectively partner and communicate with stakeholders
- Keep current on US regulatory compliance trends and emerging technologies impacting OS, database, mainframe and security tooling to ensure that testing strategies and approaches align with latest technological advances
- Help maintain updated and accurate records or program progress and status and assist with communicating progress to stakeholders.

**What we’re looking for...**:
You are curious and thorough. You enjoy finding security gaps—or even better anticipate them
- and figuring out ways to repair them. You’re a great teammate and you build trusting relati