Senior Vulnerability Management (VM) Analyst at Verisign

Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.Verisign is seeking a detail-oriented and proactive Senior Vulnerability Management (VM) Analyst with a focus on Secure Configuration Management (SCM) benchmark findings. This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams. The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines.Key Responsibilities:Secure Configuration Assessment:Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselinesLeverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurationsPrioritization and Risk Reduction:Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impactDevelop and maintain a risk-based prioritization framework for secure configuration findingsSupport the remediation of high-risk misconfigurations by providing technical guidance and best practicesRemediation and Collaboration:Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standardsProvide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarksTrack and validate remediation efforts to ensure effective closure of findingsReporting and Documentation:Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholdersReview remediation plans, exceptions, and compensating controls with stakeholdersEnsure accurate and timely documentation of configuration changes and updatesContinuous Improvement:Stay current with emerging security vulnerabilities, best practices, and secure configuration standardsIdentify opportunities for automation and process enhancement to streamline SCM activitiesContribute to the development and maintenance of configuration hardening guidelinesRequired Skills and Qualifications:Experience:10+ years of experience in vulnerability management, security operations, or system administrationHands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platformsFamiliarity with secure configuration benchmarks (CIS, DISA STIGs, etc.)Experience with ServiceNow SecOpsBachelors' degree or equivalent work experienceTechnical Skills:Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurationsExperience with PowerShell, Python, or scripting for automation is a plusKnowledge of SIEM, SOAR, and ITSM platforms is beneficialSoft Skills:Excellent analytical and problem-solving skillsStrong communication skills with the ability to collaborate and influence across technology teamsDetail-oriented with the ability to manage multiple priorities effectivelyAbility to partner with remediation teams to focus on remediation targetsPreferred Qualifications:Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISAExperience with cloud security configurations (AWS, Azure, GCP)Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS)This position is based in our Reston, VA office and offers a hybrid work environment.The pay range is $164,300- $222,300.The anticipated annual base salary range for this position is noted above, however, base pay offered may vary depending on job-related knowledge, skills, experience. Verisign offers a discretionary bonus which is based on individual and company performance, and certain roles may be eligible for discretionary stock awards.Verisign is an equal opportunity employer. That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.Additional Information:Our Careers PageOur Benefits SummaryVerisign in the CommunityOur EEO StatementOur Privacy Notice for Job Applicants/CandidatesReasonable AccommodationsStaffing agency policy: No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.