Share this Job

Senior Security Consultant


Thornton, CO, US

About Avaya

Avaya enables the mission critical, real-time communication applications of the world’s most important operations. As a global leader in delivering superior communications experiences, Avaya offers a complete portfolio of software and services for contact center and unified communications— offered on premises, in the cloud, or a hybrid. Today’s digital world requires communications enablement, and no other company is better positioned to do this than Avaya. For more information, please visit www.avaya.com.

Short Description

Avaya is seeking an experienced security professional to join the Product Security Support Team-PSST, with roles/responsibilities including the following:


Primary Skillset/Role:

  • Serve as Avaya-internal Security Threat Modeling, Consulting, Hardening and Penetration Test SME:
    • Avaya Security Common Engineering Criteria (PSST ownership),
    • Multi-CSP Iaas/PaaS/SaaS, API, Container and Orchestration Security
    • Avaya Cloud Offers


Additional Skills

Secondary Skillset/Role:

Internally-focused Security Consulting: 

  • Active membership in Avaya’s Security Council, Cybersecurity VT, and Avaya’s Incident Response Team
  • Contributing member of Solution Architecture team

Vulnerability Threat Management (VTM): 

  • Oversight of Avaya’s VTM policies, system/database, interact with product teams towards tracking/resolving product vulnerabilities, and creation of Avaya Security Advisories-ASA’s
  • Member of Avaya’s CVE Numbering Authority-CNA, which serves as a primary point of contact for External Security Researchers. Interface with Avaya Product Teams, Legal, PR/Communications, Upper Management, etc. as required.

Security-related Customer Support:

  • Support of Development/Tier 4-owned security escalations/tickets.
  • Security Consultant / SME in partnering with Pre-Sales/Sales, Professional Services and associated Delivery teams across Avaya to address customer Security concerns.
  • B.S. degree in Computer Science, Computer Networking or related discipline,  
  • Proven expertise in security penetration testing and associated open-source and commercial security tools (e.g. NMAP, Nessus, Qualys, Automated and Manual Web App scanners and proxies, protocol fuzzers, database scanners, Metasploit, Cloud-native security tools, etc.)
  • IaaS/PaaS experience with top provider e.g. AWS, GCP, Azure, IBM Cloud
  • Ability to create customized scripts (e.g. via Perl, Ruby, Python) and Proof of Concept exploits
  • Working knowledge of Linux, Windows OS platforms, TCP/IP, SIP, REST API, networking protocols, and database platforms. 
  • High-tech product software/firmware support experience. In-depth problem-solving skills with demonstrated ability to isolate problems to specific software/firmware components
  • Demonstrated teamwork experience and desire to work in a fast-paced security consulting role. 
  • Excellent oral and written communication skills are needed to provide detailed technical analysis tailored to Avaya- internal as well as external customers. 
Desired Skills
  • M.S. degree
  • Previous experience with Avaya Aura portfolio of products (e.g. Avaya Aura core servers, call center solutions, endpoints/clients)
  • RedHat, VMware and/or Security (e.g. SANS GWAPT, GPEN, OSCP, ISC2 CISSP, CEH, etc.) certifications
  • PCI DSS, HIPAA, HITRUST, ISO, compliance experience
  • Knowledge of C/C++, Java Script, C#, iOS and Android development experience
  • PKI/CA/certificate management experience
  • JITC test and compliance (i.e. use and interpretation of STIG / SCAP tools).
  • U.S. Security clearance a plus
7 - 10 Years of Experience

Avaya is an Equal Opportunity employer and a U.S. Federal Contractor. Our commitment to equality is a core value of Avaya. All qualified applicants and employees receive equal treatment without consideration for race, religion, sex, age, sexual orientation, gender identity, national origin, disability, status as a protected veteran or any other protected characteristic. In general, positions at Avaya require the ability to communicate and use office technology effectively. Physical requirements may vary by assigned work location. This job brief/description is subject to change. Nothing in this job description restricts Avaya right to alter the duties and responsibilities of this position at any time for any reason. For Job Postings within European GDPR Countries you can access this document for additional Data Privacy Information: https://www.avaya.com/en/documents/gdpr-info-applicants.pdf #LI-HK1

Nearest Major Market: Denver