Security Eng & Ops

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Join our dynamic team as a Cybersecurity and Systems Security Engineer, where your expertise will be pivotal in fortifying our organizational defenses. As a key player, you will spearhead the implementation and management of cutting-edge processes with a specialized focus on Qualys solutions. Your mission is to safeguard our Qualys infrastructure by deploying advanced security measures, conducting thorough assessments, and ensuring the seamless integration of industry-leading technologies.

In this role, you will not only be a guardian of our Qualys digital assets but also a catalyst for innovation, driving the continuous enhancement of our security posture. We're looking for an enthusiastic professional with a keen eye for cybersecurity trends, hands-on experience with Qualys, Cloud Security Posture Management (CSPM), and Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP), and a commitment to excellence. If you are passionate about staying one step ahead of evolving threats and contributing to a secure digital future, we invite you to bring your skills to our team.

Responsibilities:

CSPM (Cloud Security Posture Management):

• Implement and administer cloud native services and other security technologies like CSPM including Qualys Product across cloud infrastructure.
• Conduct in-depth security reviews of cloud architecture designs, deployments, and configurations, ensuring compliance with industry standards and regulatory requirements.
• Collaborate with DevOps teams to integrate security into the continuous integration/continuous deployment (CI/CD) pipeline.
• Design and implement security measures for cloud-based applications, services, and infrastructure to meet industry standards and security best practice
• Develop and maintain cloud security policies, standards, and procedures to guide the organization in securely adopting cloud services.
• Develop and enforce cloud identity governance processes, including user lifecycle management, access certifications, and access review workflows.

EDR/EPP (Endpoint Detection and Response/Endpoint Protection Platforms):

• Deploy and manage EDR/EPP solutions for advanced threat detection and response capabilities.
• Configure and monitor EDR/EPP tools, conduct regular audits, and ensure proper integration with other security controls.
• Respond promptly to endpoint security alerts, investigate incidents, and implement corrective actions.

Training and Documentation:

• Provide training to relevant teams on using Qualys, CSPM, and EDR/EPP effectively for vulnerability management and security measures.
• Document configurations, workflows, and best practices for internal knowledge sharing.

Automation and Orchestration:

• Implement and maintain end-to-end automation workflows for scanning Qualys infrastructure.
• Explore automation opportunities within Qualys, CSPM, and EDR/EPP for repetitive tasks, enhancing efficiency.
• Implement orchestration workflows to automate the execution of remediation steps based on findings.

Collaboration with Qualys Support:

• Engage with Qualys support for issue resolution, updates, and to stay informed about new features and best practices.
• Participate in Qualys user forums and communities to share insights and learn from others' experiences.

Qualifications:

• Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.
• Relevant certifications such as COMPTIA Security+, CEH, or similar.
• Proficiency in deploying and managing security tools and solutions.
• Strong understanding of cloud security best practices.
• Proven experience with Cloud Security Posture Management (CSPM) tools.
• Hands-on experience with Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP).
• Excellent documentation and communication skills.
• Ability to collaborate effectively with cross-functional teams.
• Continuous learning mindset to stay updated on the evolving cybersecurity landscape.