Posted 4 days ago
Main Location
Reston, VA, United States
Open jobs

The Engineer IV – Applications Security will play a key role in securing all software built and/or used by Verisign. The engineer will work with application development teams as well as 3rd party organizations to ensure that security, privacy, and compliance constraints are built into the applications. In addition to securing applications, the engineer will be expected to help develop tools used by the security team to automate various aspects of the security stack. The individual should possess strong interpersonal skills, be highly motivated; results oriented; have excellent communication and presentation skills and be a strong team player.

Verisign, a leader in domain names and internet infrastructure, enables internet navigation for many of the world’s most recognized domain names. Verisign enables the security, stability, and resiliency of key internet infrastructure and services, including providing root zone maintainer services, operating two of the 13 global internet root servers, and providing registration services and authoritative resolution for the .com and .net top-level domains, which support the majority of global e-commerce. To learn more about what it means to be Powered by Verisign, please visit verisign.com.

• Provide security recommendations as a subject matter expert for development teams during requirement and design phases of development
• Validate vulnerability resolutions and ensure they are deployed to production in a timely manner
• Tracks open issues and follows up with development teams to ensure they are being addressed
• Participate in the change management process ensuring that all releases are reviewed by security before being approved for production
• Provide guidance to application groups on application security best practices
• Collaborate with development teams to support remediation of software vulnerabilities
• Provide guidance to the product engineering teams on security testing
• Perform manual and automated application vulnerability assessments and document vulnerabilities which were found and provide recommendations for remediation


• 8+ years’ experience in Information Technology, experience in applications development
• 4+ years’ experience conducting assessments using COTS software (Burp Suite, Fortify, etc) and other tools to ensure security of applications
• Knowledge of the OWASP Testing Framework and OWASP Top 10
• Proficiency in currently accepted software development life cycles and associated standards and procedures
• Knowledgeable of the current application architectures (Single Page Application (SPA), 3-tier)
• Methodical and organized; able to manage multiple opportunities, projects, and partners concurrently
• Able to multi-task and work independently with minimum supervision to meet firm deadlines
• Participate in reviews of work done by peers and provide constructive feedback
• Excellent communication, presentation and leadership skills

• 4+ years software development using Java, C++, or scripting languages (Python, Perl, etc.)
• Experience in implementing security assessments within a Continuous Integration pipeline
• Experience with Unix and Linux operating systems
• Understanding of cloud application security as well as software defined networking
• Experience with multiple programming and scripting languages (Go, Ruby, etc.
• Understanding of Agile methodologies (Kanban, Scrum, pair programming etc.)
• Understanding of DevOps and security integration
• Experience with API security testing

Help us maintain the quality of jobs posted on PowerToFly. Let us know if this job is closed.
We're a community of women leveraging our connections into top companies to help underrepresented women get the roles they've always deserved. Simultaneously, we work to build truly inclusive hiring processes and environments where women can thrive and not just survive.
Are you hiring? Join our platform for diversifiying your team