Develop and maintain information security policies, technical standards, and security guidelines Evaluate compliance with security controls and security requirements Advise technical teams on the practical implementation of security controls Support internal and external security assessments Develop risk mitigation strategies Effectively communicate residual risks to senior management and create reports suitable for an executive-level audience Regularly review existing GRC processes to enhance e... more details
Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
The mission of the Governance, Risk, and Compliance (GRC) team is to ensure Verisign operates with strong governance practices, effectively manages cybersecurity risks, and complies with all relevant laws and regulations.
The Information Security GRC Engineer IV is a key contributor and plays a vital role in shaping the security posture of Verisign. This position focuses on overseeing the development and enforcement of information security policies and technical standards, as well as ensuring adherence to defined security requirements. We seek a candidate with both the technical expertise and strategic insight in information security gained from working in complex technical environments. The ideal individual will be adept at evaluating security requirements prescribed in policies and standards as well as developing security controls tailored to Verisign.
Responsibilities:
- Develop and maintain information security policies, technical standards, and security guidelines
- Evaluate compliance with security controls and security requirements
- Advise technical teams on the practical implementation of security controls
- Support internal and external security assessments
- Develop risk mitigation strategies
- Effectively communicate residual risks to senior management and create reports suitable for an executive-level audience
- Regularly review existing GRC processes to enhance efficiencies. Identify areas for improvement and provides actionable recommendations for improvements
Required:
- Possess subject matter expertise in cybersecurity and compliance frameworks, privacy controls, and security best practices. (e.g., NIST CSF, NIST SP 800-53, CIS Controls, SOC 2, GDPR, etc.)
- Possess subject matter expertise in developing and managing enterprise information security policies, technical standards, and security guidelines
- Possess subject matter expertise in security assessment, audits, risk mitigation, and risk management
- Technical understanding of security controls and identifying the “spirit” of the control, and how to implement them in a complex enterprise IT environment
- Bachelors’ degree in Computer Science, an equivalent technical degree or work experience
- 8 + years of broad information security experience
Preferred:
- Knowledgeable in cybersecurity threats and risks
- Knowledgeable in continuous monitoring
- Industry-recognized certifications, such as CISSP, CGRC, CAP, CISM, CRISC, or CISA are highly desirable
This position is based in our Reston, VA office and offers a flexible, hybrid work schedule
The pay range is $128,700 - $174,100. The anticipated base salary range for this position is noted above, however, base pay offered may vary depending on job-related knowledge, skills and experience.
Verisign is an equal opportunity employer. That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.
Additional Information:
Our Careers Page
Our Benefits Summary
Verisign in the Community
Our EEO Statement
Our Privacy Notice for Job Applicants/Candidates
Reasonable Accommodations
Staffing agency policy: No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.