About the position
Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
Verisign is seeking a detail-oriented and proactive Senior Vulnerability Management (VM) Analyst with a focus on Secure Configuration Management (SCM) benchmark findings. This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams. The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines.
Responsibilities
• Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselines
• Leverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurations
• Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impact
• Develop and maintain a risk-based prioritization framework for secure configuration findings
• Support the remediation of high-risk misconfigurations by providing technical guidance and best practices
• Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standards
• Provide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarks
• Track and validate remediation efforts to ensure effective closure of findings
• Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholders
• Review remediation plans, exceptions, and compensating controls with stakeholders
• Ensure accurate and timely documentation of configuration changes and updates
• Stay current with emerging security vulnerabilities, best practices, and secure configuration standards
• Identify opportunities for automation and process enhancement to streamline SCM activities
• Contribute to the development and maintenance of configuration hardening guidelines
Requirements
• 10+ years of experience in vulnerability management, security operations, or system administration
• Hands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platforms
• Familiarity with secure configuration benchmarks (CIS, DISA STIGs, etc.)
• Experience with ServiceNow SecOps
• Bachelors' degree or equivalent work experience
• Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurations
• Experience with PowerShell, Python, or scripting for automation is a plus
• Knowledge of SIEM, SOAR, and ITSM platforms is beneficial
• Excellent analytical and problem-solving skills
• Strong communication skills with the ability to collaborate and influence across technology teams
• Detail-oriented with the ability to manage multiple priorities effectively
• Ability to partner with remediation teams to focus on remediation targets
Nice-to-haves
• Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISA
• Experience with cloud security configurations (AWS, Azure, GCP)
• Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS)