Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Prevent issues from becoming incidents.
As a Principal Identity Security Architect in the Qualys Product Security division, you will be a leader on a motivated team responsible for ensuring that Qualys products are built to the highest levels of security and trust. This is a senior role for a security architect who specializes in identity and access management solution engineering for products that SaaS companies build. The ideal candidate has a developer background, demonstrated expertise in modern identity patterns, and a track record of transforming Web and Client-side application platforms by partnering with engineering and product management. Successful candidates will understand how to be both a player with and a coach for engineering.
Product Security operates differently. Our mission is to enable continuous improvement across the lifecycle of our product portfolio, so that Qualys can ensure the highest standards of verifiable security, trust, and compliance. Our function is to build a secure and well-flowing SDLC, uphold quality management objectives, and ensure predictable outcomes for customers, our company, and attackers. We find and resolve problems early, working in-line with development.
Lead Identity Architecture: Design, implement, and maintain the identity and access management architecture for Qualys products, ensuring scalability, security, and compliance with industry standards.
Technical Leadership: Develop a deep understanding of Qualys products and security infrastructure and provide technical leadership and guidance to engineering teams on identity and access management best practices, architecture, and implementation.
Ship Improvements: Continuous improvement requires security to deliver. This team ships prototypes and improvements to production engineering teams so that we all get better.
Threat Modeling: Lead and participate in threat modeling exercises to identify and prioritize security threats and vulnerabilities in Qualys products and recommend mitigation strategies.
Solution Engineering: Work closely with Product Management and Engineering teams to integrate identity and access management solutions into Qualys products while considering usability, cost, and performance.
Security Compliance: Ensure compliance with relevant security standards and regulations (e.g., OAuth, SAML, OIDC, 2FA, RBAC) in identity and access management implementations.
Collaboration: Collaborate with cross-functional teams, including product management, engineering, and security operations, to ensure alignment of identity and access management strategies with business goals.
Research and Innovation: Stay updated with the latest trends and technologies in identity and access management, and drive innovation in Qualys products through the adoption of new approaches and tools.
Customer feedback: Analyze customer feedback/escalations and design long-term solutions to further strengthen Qualys products.
Expertise in Identity and Access Management: Subject matter expert with hands-on experience implementing identity and access management principles, protocols, and standards (e.g., OAuth 2.0, SAML, OIDC, MFA, RBAC).
Developer Enablement: Strong history of developing patterns and libraries that support rapid adoption of standards-based IAM capabilities into existing products. Deep experience integrating vaults, HSMs, PKI, tokens, and secrets management solutions into Web and Client-Side applications. Previous experience designing and delivering platform RBAC improvements, MFA, BYOK capabilities, enabling Zero Knowledge and Zero Trust Architectures at scale.
Privilege Access Management: Experience deploying and integrating with Privileged Access Management (PAM) solutions such as CyberArk and/or BeyondTrust.
Certificate-Based Access Control: The candidate should have implemented certificate-based access control at scale, for example using Ping Identity.
Technical Background: Solid background in software development with proficiency in at least one programming language (e.g., Java, PHP, C++) and experience with Web and Client-Side application development.
Architecture and Design Skills: Proven track record in designing and architecting complex, scalable, and secure identity and access management solutions for SaaS products.
Leadership and Collaboration: Demonstrated ability to lead and mentor engineering teams, collaborate effectively with cross-functional teams, and drive consensus on technical decisions.
Security Standards: Deep understanding of security best practices for cloud solution providers, compliance requirements for high-security customers such as FedRAMP, FIPS, etc., and their application in identity and access management.
Communication and Presentation Skills: Excellent verbal and written communication skills with the ability to articulate complex technical concepts to both technical and non-technical stakeholders. Ability to write detailed requirements, use cases, and technical acceptance criteria.
Secret pen tester or bug bounty champ.
Passion for Test Driven Development, DevSecOps.