Job Description
About the position Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services. We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career. Verisign is seeking a detail-oriented and proactive Senior Vulnerability Management (VM) Analyst with a focus on Secure Configuration Management (SCM) benchmark findings. This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams. The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines. Responsibilities β’ Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselines β’ Leverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurations β’ Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impact β’ Develop and maintain a risk-based prioritization framework for secure configuration findings β’ Support the remediation of high-risk misconfigurations by providing technical guidance and best practices β’ Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standards β’ Provide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarks β’ Track and validate remediation efforts to ensure effective closure of findings β’ Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholders β’ Review remediation plans, exceptions, and compensating controls with stakeholders β’ Ensure accurate and timely documentation of configuration changes and updates β’ Stay current with emerging security vulnerabilities, best practices, and secure configuration standards β’ Identify opportunities for automation and process enhancement to streamline SCM activities β’ Contribute to the development and maintenance of configuration hardening guidelines Requirements β’ 10+ years of experience in vulnerability management, security operations, or system administration β’ Hands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platforms β’ Familiarity with secure configuration benchmarks (CIS, DISA STIGs, etc.) β’ Experience with ServiceNow SecOps β’ Bachelors' degree or equivalent work experience β’ Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurations β’ Experience with PowerShell, Python, or scripting for automation is a plus β’ Knowledge of SIEM, SOAR, and ITSM platforms is beneficial β’ Excellent analytical and problem-solving skills β’ Strong communication skills with the ability to collaborate and influence across technology teams β’ Detail-oriented with the ability to manage multiple priorities effectively β’ Ability to partner with remediation teams to focus on remediation targets Nice-to-haves β’ Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISA β’ Experience with cloud security configurations (AWS, Azure, GCP) β’ Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS) Apply tot his job