Information Security Governance, Risk and Compliance Engineer
Verisign helps enable the security, stability, and resiliency of the internet.
We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet.
We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
The mission of the Governance, Risk, and Compliance (GRC) team is to ensure Verisign operates with strong governance practices, effectively manages cybersecurity risks, and complies with all relevant laws and regulations.
The Information Security GRC Engineer IV is a key contributor and plays a vital role in shaping the security posture of Verisign.
This position focuses on overseeing the development and enforcement of information security policies and technical standards, as well as ensuring adherence to defined security requirements.
We seek a candidate with both the technical expertise and strategic insight in information security gained from working in complex technical environments.
The ideal individual will be adept at evaluating security requirements prescribed in policies and standards as well as developing security controls tailored to Verisign.
Responsibilities:
Develop and maintain information security policies, technical standards, and security guidelinesEvaluate compliance with security controls and security requirementsAdvise technical teams on the practical implementation of security controlsSupport internal and external security assessmentsDevelop risk mitigation strategiesEffectively communicate residual risks to senior management and create reports suitable for an executive-level audienceRegularly review existing GRC processes to enhance efficiencies.
Identify areas for improvement and provides actionable recommendations for improvementsRequired:
Possess subject matter expertise in cybersecurity and compliance frameworks, privacy controls, and security best practices.
(e.
g.
, NIST CSF, NIST SP 800-53, CIS Controls, SOC 2, GDPR, etc.
)Possess subject matter expertise in developing and managing enterprise information security policies, technical standards, and security guidelinesPossess subject matter expertise in security assessment, audits, risk mitigation, and risk managementTechnical understanding of security controls and identifying the spirit of the control, and how to implement them in a complex enterprise IT environmentBachelors degree in Computer Science, an equivalent technical degree or work experience8
years of broad information security experiencePreferred:
Knowledgeable in cybersecurity threats and risksKnowledgeable in continuous monitoringIndustry-recognized certifications, such as CISSP, CGRC, CAP, CISM, CRISC, or CISA are highly desirableThis position is based in our Reston, VA office and offers a flexible, hybrid work scheduleThe pay range is $128,700 - $174,100.
The anticipated base salary range for this position is noted above, however, base pay offered may vary depending on job-related knowledge, skills and experience.
Verisign is an equal opportunity employer.
That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.
Additional Information:
Our Careers PageOur Benefits SummaryVerisign in the CommunityOur EEO StatementOur Privacy Notice for Job Applicants/CandidatesReasonable AccommodationsStaffing agency policy:
No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet.
We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
The mission of the Governance, Risk, and Compliance (GRC) team is to ensure Verisign operates with strong governance practices, effectively manages cybersecurity risks, and complies with all relevant laws and regulations.
The Information Security GRC Engineer IV is a key contributor and plays a vital role in shaping the security posture of Verisign.
This position focuses on overseeing the development and enforcement of information security policies and technical standards, as well as ensuring adherence to defined security requirements.
We seek a candidate with both the technical expertise and strategic insight in information security gained from working in complex technical environments.
The ideal individual will be adept at evaluating security requirements prescribed in policies and standards as well as developing security controls tailored to Verisign.
Responsibilities:
Develop and maintain information security policies, technical standards, and security guidelinesEvaluate compliance with security controls and security requirementsAdvise technical teams on the practical implementation of security controlsSupport internal and external security assessmentsDevelop risk mitigation strategiesEffectively communicate residual risks to senior management and create reports suitable for an executive-level audienceRegularly review existing GRC processes to enhance efficiencies.
Identify areas for improvement and provides actionable recommendations for improvementsRequired:
Possess subject matter expertise in cybersecurity and compliance frameworks, privacy controls, and security best practices.
(e.
g.
, NIST CSF, NIST SP 800-53, CIS Controls, SOC 2, GDPR, etc.
)Possess subject matter expertise in developing and managing enterprise information security policies, technical standards, and security guidelinesPossess subject matter expertise in security assessment, audits, risk mitigation, and risk managementTechnical understanding of security controls and identifying the spirit of the control, and how to implement them in a complex enterprise IT environmentBachelors degree in Computer Science, an equivalent technical degree or work experience8
years of broad information security experiencePreferred:
Knowledgeable in cybersecurity threats and risksKnowledgeable in continuous monitoringIndustry-recognized certifications, such as CISSP, CGRC, CAP, CISM, CRISC, or CISA are highly desirableThis position is based in our Reston, VA office and offers a flexible, hybrid work scheduleThe pay range is $128,700 - $174,100.
The anticipated base salary range for this position is noted above, however, base pay offered may vary depending on job-related knowledge, skills and experience.
Verisign is an equal opportunity employer.
That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.
Additional Information:
Our Careers PageOur Benefits SummaryVerisign in the CommunityOur EEO StatementOur Privacy Notice for Job Applicants/CandidatesReasonable AccommodationsStaffing agency policy:
No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
