Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
Key Responsibilities :
* Lead and participate in the design and implementation of secure coding practices across development teams
* Conduct detailed threat modeling exercises for new and existing applications to identify potential security issues
* Perform security reviews and code analysis to proactively identify and mitigate security vulnerabilities
* Work closely with developers to provide guidance on remediation strategies and secure coding techniques
* Implement and maintain automated security testing tools and processes
* Evaluate third-party libraries and dependencies for security risks
* Stay abreast of emerging security threats, vulnerabilities, and technologies to continuously improve application security measures
* Collaborate with cross-functional teams including Engineering and Operations to integrate security into the software development lifecycle (SDLC)
Requirements :
* Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience)
* 10+ years of proven experience as an Application Security Engineer or a similar role
* In-depth knowledge of OWASP ASVS and application security best practices
* Strong understanding of threat modeling methodologies and tools
* Hands‑on experience with secure coding practices and techniques (e.g., encryption, authentication mechanisms, secure API design)
* Proficiency in conducting security assessments (e.g., penetration testing, code reviews)
* Experience with security tools such as Burp Suite, Fortify, Veracode, etc.
* Excellent communication skills with the ability to articulate complex technical issues to non‑technical stakeholders
* Certifications such as CEH, or equivalent are a plus
#J-18808-Ljbffr