Application and Attack Surface Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

Verizon · 1 day ago

Application and Attack Surface Analyst

positionTemple Terrace, Florida
timeFull-time
remoteHybrid
seniorityMid, Senior Level
date4+ years exp

Verizon is a leading telecommunications company seeking an Application and Attack Surface Analyst to join their Exposure and Vulnerability Management team. The role involves identifying, analyzing, and mitigating digital and physical exposure while shifting the security posture from reactive scanning to proactive monitoring and automated web application security.

Communications InfrastructureInternetInternet of ThingsMobileTelecommunications
check
Comp. & Benefits
check
H1B Sponsor Likelynote

Responsibilities

Continuous Monitoring: Implementing and managing automated discovery of "known and unknown" assets, including Shadow IT, abandoned infrastructure, and expired domains
Web Application Security: Leading the strategy for Web Application Scanning (WAS); configuring and maintaining automated scans to detect vulnerabilities
Cloud & Edge Governance: Identifying misconfigured cloud resources (AWS, Azure, GCP) and exposed edge computing nodes
Classification: Maintaining a dynamic asset tagging strategy to ensure findings are prioritized based on business criticality and data sensitivity
Threat Correlation: Mapping ASM and Web findings against MITRE ATT&CK frameworks and real-world threat intelligence to identify high-likelihood attack paths
Validation: Distinguishing between "theoretical vulnerabilities" and "reachable exposures" through manual validation and proof-of-concept testing to reduce noise for remediation teams
Vulnerability Synergy: Collaborating with the wider EVM team to integrate ASM and Web scanning data into unified platforms like Tenable.One
Engineering & Scripting: Using Python to build custom integrations between ASM tools, Web Scanners, and internal orchestration platforms (SOAR/Splunk)
Strategic Remediation: Partnering with Security Architecture to implement "guardrails" (e.g., automated blocking of high-risk ports or WAF rule deployment)
Reporting: Producing weekly Key Performance Indicators (KPIs) and trend reports that translate technical exposure into business risk for leadership

Qualification

Attack Surface ManagementWeb Application ScanningPythonCybersecurityCloud SecurityVulnerability ManagementDocumentationCollaborationPresentation SkillsProblem Solving

Required

Bachelor's degree or four or more years of experience
Four or more years of relevant work experience demonstrated through one or a combination of job-related work experience, military experience, or specialized training or education (non-collegiate)
Minimum of four years in Cybersecurity, with at least two years specialized in Attack Surface Management / Web Application Scanning, External Attack Surface Management (EASM), or Offensive Security
Three or more years of Python experience (or equivalent) for automation and API integration
Hands-on experience with: ASM Platforms such as Palo Alto Xpanse, Randori, Censys, Shodan, or BitSight, Web Scanning applications such as Burp Suite Enterprise, Tenable.io WAS, Qualys WAS, or Invicti and Vulnerability Platform Management experience with Tenable, Qualys, or Rapid7

Preferred

Exceptional ability to document complex technical findings and present them clearly to non-technical stakeholders
Certifications such as CISSP, OSCP, GIAC (GEVA/GXPN), or CRTO
Proven experience securing multi-cloud environments (AWS/Azure/GCP) and understanding Kubernetes/Container security
Experience as a Splunk Power User or Developer (creating dashboards, ES correlation rules)
Familiarity with the unique exposure risks of Telecommunications infrastructure and Industrial Control Systems (ICS)

Benefits

Medical
Dental
Vision
Short and long term disability
Basic life insurance
Supplemental life insurance
AD&D insurance
Identity theft protection
Pet insurance
Group home & auto insurance
Matched 401(k) savings plan
Up to 8 company paid holidays per year
Up to 6 personal days per year
Paid parental leave
Adoption assistance
Tuition assistance
Premium pay such as overtime, shift differential, holiday pay, allowances, etc.
Up to 15 days of vacation per year

Company

Verizon

twittertwittertwitter
Glassdoor3.8
company-logo
Verizon is a broadband and telecommunications company that provides information and entertainment services.
dateFounded in 1983
location
New York, New York, USA
people-size10001+ employees
web-link
https://www.verizon.com

H1B Sponsorship

Verizon has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (7)
2024 (3)
2023 (2)
2022 (6)
2021 (6)
2020 (8)

Funding

Current Stage
Public Company
Total Funding
$34.39B
Key Investors
Maryland Department of Housing and Community DevelopmentU.S. Department of DefenseConnect Maryland
2025-07-30Post Ipo Debt· $2.29B
2024-06-20Grant· $2M
2024-02-26Post Ipo Debt· $1B

Leadership Team

leader-logo
Daniel Schulman
Chief Executive Officer
linkedin
leader-logo
Sowmyanarayan Sampath
Chief Executive Officer, Verizon Consumer
linkedin

Recent News

PCMag.com - Technology Product Reviews, News, Prices & Tips
Headed to Super Bowl LX? This Carrier Will Give You the Best Stadium Speeds
2026-02-07
Android Authority
Verizon is suing T-Mobile for perceived false advertising
2026-02-07
EIN Presswire
Reliance Contractors Awarded Verizon Small Business Digital Ready Grant, Reinforcing National Readiness
2026-02-06
Company data provided by crunchbase