Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.
We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.
As a Senior Application Security Engineer, you will be responsible for enhancing the security posture of our applications throughout their lifecycle. You will collaborate closely with development teams to integrate security best practices, conduct thorough threat modeling, and apply OWASP ASVS techniques to identify and mitigate security vulnerabilities.
Key Responsibilities:
- Lead and participate in the design and implementation of secure coding practices across development teams
- Conduct detailed threat modeling exercises for new and existing applications to identify potential security issues
- Perform security reviews and code analysis to proactively identify and mitigate security vulnerabilities
- Work closely with developers to provide guidance on remediation strategies and secure coding techniques
- Implement and maintain automated security testing tools and processes
- Evaluate third-party libraries and dependencies for security risks
- Stay abreast of emerging security threats, vulnerabilities, and technologies to continuously improve application security measures
- Collaborate with cross-functional teams including Engineering and Operations to integrate security into the software development lifecycle (SDLC)
Requirements:
- Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience)
- 10+ years of proven experience as an Application Security Engineer or a similar role
- In-depth knowledge of OWASP ASVS and application security best practices
- Strong understanding of threat modeling methodologies and tools
- Hands-on experience with secure coding practices and techniques (e.g., encryption, authentication mechanisms, secure API design)
- Proficiency in conducting security assessments (e.g., penetration testing, code reviews)
- Experience with security tools such as Burp Suite, Fortify, Veracode, etc.
- Excellent communication skills with the ability to articulate complex technical issues to non-technical stakeholders
- Certifications such as CEH, or equivalent are a plus
Verisign is an equal opportunity employer. That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.
Additional Information:
Our Careers Page
Our Benefits Summary
Verisign in the Community
Our EEO Statement
Our Privacy Notice for Job Applicants/Candidates
Reasonable Accommodations
Staffing agency policy: No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.
Top Skills
What We Do
Verisign, a global provider of domain name registry services and internet infrastructure, enables internet navigation for many of the world’s most recognized domain names. Verisign enables the security, stability, and resiliency of key internet infrastructure and services, including providing root zone maintainer services, operating two of the 13 global internet root servers, and providing registration services and authoritative resolution for the .com and .net top-level domains, which support the majority of global e-commerce. To learn more about what it means to be Powered by Verisign, please visit Verisign.com.
