Senior Vulnerability Management (VM) Analyst

Verisign is seeking a detail-oriented and proactive Senior Vulnerability Management (VM) Analyst with a focus on Secure Configuration Management (SCM) benchmark findings.

This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams.

The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines.

Key Responsibilities: Secure Configuration Assessment: * Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselines * Leverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurations Prioritization and Risk Reduction: * Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impact * Develop and maintain a risk-based prioritization framework for secure configuration findings * Support the remediation of high-risk misconfigurations by providing technical guidance and best practices Remediation and Collaboration: * Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standards * Provide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarks * Track and validate remediation efforts to ensure effective closure of findings Reporting and Documentation: * Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholders * Review remediation plans, exceptions, and compensating controls with stakeholders * Ensure accurate and timely documentation of configuration changes and updates Continuous Improvement: * Stay current with emerging security vulnerabilities, best practices, and secure configuration standards * Identify opportunities for automation and process enhancement to streamline SCM activities * Contribute to the development and maintenance of configuration hardening guidelines Required Skills and Qualifications: Experience: * 10+ years of experience in vulnerability management, security operations, or system administration * Hands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platforms * Familiarity with secure configuration benchmarks (CIS, DISA STIGs, etc.) * Experience with ServiceNow SecOps * Bachelors' degree or equivalent work experience Technical Skills: * Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurations * Experience with PowerShell, Python, or scripting for automation is a plus * Knowledge of SIEM, SOAR, and ITSM platforms is beneficial Soft Skills: * Excellent analytical and problem-solving skills * Strong communication skills with the ability to collaborate and influence across technology teams * Detail-oriented with the ability to manage multiple priorities effectively * Ability to partner with remediation teams to focus on remediation targets Preferred Qualifications: * Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISA * Experience with cloud security configurations (AWS, Azure, GCP) * Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS) This position is based in our Reston, VA office and offers a hybrid work environment.

The pay range is $164,300- $222,300.

The anticipated annual base salary range for this position is noted above, however, base pay offered may vary depending on job-related knowledge, skills, experience.

Verisign offers a discretionary bonus which is based on individual and company performance, and certain roles may be eligible for discretionary stock awards.