The Association of Technology, Management and Applied Engineering
Senior Vulnerability Management (VM) Analyst
The Association of Technology, Management and Applied Engineering, Reston, Virginia, United States, 22090
Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
Verisign is seeking a detail-oriented and proactive
Senior Vulnerability Management (VM) Analyst
with a focus on Secure Configuration Management (SCM) benchmark findings. This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams. The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines.
Key Responsibilities Secure Configuration Assessment
Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselines
Leverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurations
Prioritization and Risk Reduction
Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impact
Develop and maintain a risk-based prioritization framework for secure configuration findings
Support the remediation of high-risk misconfigurations by providing technical guidance and best practices
Remediation and Collaboration
Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standards
Provide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarks
Track and validate remediation efforts to ensure effective closure of findings
Reporting and Documentation
Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholders
Review remediation plans, exceptions, and compensating controls with stakeholders
Ensure accurate and timely documentation of configuration changes and updates
Continuous Improvement
Stay current with emerging security vulnerabilities, best practices, and secure configuration standards
Identify opportunities for automation and process enhancement to streamline SCM activities
Contribute to the development and maintenance of configuration hardening guidelines
Required Skills and Qualifications Experience
10+ years of experience in vulnerability management, security operations, or system administration
Hands‑on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platforms
Familiarity with secure configuration benchmarks (CIS, DISA STIGs, etc.)
Experience with ServiceNow SecOps
Bachelors' degree or equivalent work experience
Technical Skills
Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurations
Experience with PowerShell, Python, or scripting for automation is a plus
Knowledge of SIEM, SOAR, and ITSM platforms is beneficial
Soft Skills
Excellent analytical and problem‑solving skills
Strong communication skills with the ability to collaborate and influence across technology teams
Detail‑oriented with the ability to manage multiple priorities effectively
Ability to partner with remediation teams to focus on remediation targets
Preferred Qualifications
Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISA
Experience with cloud security configurations (AWS, Azure, GCP)
Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS)
This position is based in our Reston, VA office and offers a hybrid work environment.
The pay range is $164,300 - $222,300. The anticipated annual base salary range for this position is noted above, however, base pay offered may vary depending on job‑related knowledge, skills, experience. Verisign offers a discretionary bonus which is based on individual and company performance, and certain roles may be eligible for discretionary stock awards.
Verisign is an equal opportunity employer. That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.
Additional Information
Our Careers Page
Our Benefits Summary
Verisign in the Community
Our EEO Statement
Our Privacy Notice for Job Applicants/Candidates
Reasonable Accommodations
Staffing agency policy: No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.
#J-18808-Ljbffr
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
Verisign is seeking a detail-oriented and proactive
Senior Vulnerability Management (VM) Analyst
with a focus on Secure Configuration Management (SCM) benchmark findings. This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams. The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines.
Key Responsibilities Secure Configuration Assessment
Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselines
Leverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurations
Prioritization and Risk Reduction
Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impact
Develop and maintain a risk-based prioritization framework for secure configuration findings
Support the remediation of high-risk misconfigurations by providing technical guidance and best practices
Remediation and Collaboration
Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standards
Provide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarks
Track and validate remediation efforts to ensure effective closure of findings
Reporting and Documentation
Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholders
Review remediation plans, exceptions, and compensating controls with stakeholders
Ensure accurate and timely documentation of configuration changes and updates
Continuous Improvement
Stay current with emerging security vulnerabilities, best practices, and secure configuration standards
Identify opportunities for automation and process enhancement to streamline SCM activities
Contribute to the development and maintenance of configuration hardening guidelines
Required Skills and Qualifications Experience
10+ years of experience in vulnerability management, security operations, or system administration
Hands‑on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platforms
Familiarity with secure configuration benchmarks (CIS, DISA STIGs, etc.)
Experience with ServiceNow SecOps
Bachelors' degree or equivalent work experience
Technical Skills
Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurations
Experience with PowerShell, Python, or scripting for automation is a plus
Knowledge of SIEM, SOAR, and ITSM platforms is beneficial
Soft Skills
Excellent analytical and problem‑solving skills
Strong communication skills with the ability to collaborate and influence across technology teams
Detail‑oriented with the ability to manage multiple priorities effectively
Ability to partner with remediation teams to focus on remediation targets
Preferred Qualifications
Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISA
Experience with cloud security configurations (AWS, Azure, GCP)
Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS)
This position is based in our Reston, VA office and offers a hybrid work environment.
The pay range is $164,300 - $222,300. The anticipated annual base salary range for this position is noted above, however, base pay offered may vary depending on job‑related knowledge, skills, experience. Verisign offers a discretionary bonus which is based on individual and company performance, and certain roles may be eligible for discretionary stock awards.
Verisign is an equal opportunity employer. That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.
Additional Information
Our Careers Page
Our Benefits Summary
Verisign in the Community
Our EEO Statement
Our Privacy Notice for Job Applicants/Candidates
Reasonable Accommodations
Staffing agency policy: No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.
#J-18808-Ljbffr