Senior Vulnerability Management (VM) Analyst

About the position Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services. We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career. Verisign is seeking a detail-oriented and proactive Senior Vulnerability Management (VM) Analyst with a focus on Secure Configuration Management (SCM) benchmark findings. This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams. The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines. Responsibilities • Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselines • Leverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurations • Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impact • Develop and maintain a risk-based prioritization framework for secure configuration findings • Support the remediation of high-risk misconfigurations by providing technical guidance and best practices • Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standards • Provide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarks • Track and validate remediation efforts to ensure effective closure of findings • Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholders • Review remediation plans, exceptions, and compensating controls with stakeholders • Ensure accurate and timely documentation of configuration changes and updates • Stay current with emerging security vulnerabilities, best practices, and secure configuration standards • Identify opportunities for automation and process enhancement to streamline SCM activities • Contribute to the development and maintenance of configuration hardening guidelines Requirements • 10+ years of experience in vulnerability management, security operations, or system administration • Hands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platforms • Familiarity with secure configuration benchmarks (CIS, DISA STIGs, etc.) • Experience with ServiceNow SecOps • Bachelors' degree or equivalent work experience • Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurations • Experience with PowerShell, Python, or scripting for automation is a plus • Knowledge of SIEM, SOAR, and ITSM platforms is beneficial • Excellent analytical and problem-solving skills • Strong communication skills with the ability to collaborate and influence across technology teams • Detail-oriented with the ability to manage multiple priorities effectively • Ability to partner with remediation teams to focus on remediation targets Nice-to-haves • Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISA • Experience with cloud security configurations (AWS, Azure, GCP) • Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS) Apply tot his job