
Principal Security Analyst at Qualys, Inc.
Foster City, CA
About the Job
The Principal Security Analyst is responsible for the specification, implementation, compliance, auditing and assessment of our production infrastructure; maintains security for services, systems, and ancillary applications; is responsible for verifying compliance with security policies.
She/he will work closely with the Development/Engineering, DBA, Networking, System Administration and Support teams to provide security-related support for Qualys production applications.
DUTIES AND RESPONSIBILITIES:
- Identity management -- Directory service / authentication administration
- Audit enterprise Linux systems against baseline configurations and best practices
- Continuous vulnerability assessment and remediation
- System/network security monitoring with Security Information Event Management tools
- Active participation in incident response
- Maintain documentation of operational processes
- Continuously review security bulletins and related news; stay apprised of current threats and trends
- Provide data and root cause analysis for each service-impacting security incident, with all possible corrective actions for improvement.
- Where required, work with customers to identify and resolve customer issues related to the security of Qualys products and services
- Participate in product design discussions and make appropriate security recommendations.
- 7-10 years of experience in systems and security administration.
- BS or Engineering degree in computer science, electronics or a related IT-focused field.
- Extensive knowledge of information security principles and practices, understanding of security protocols, principles, standards and defense in depth.
- Experience with information security tools for performing vulnerability assessment, intrusion detection, integrity checking, event management
- Extensive knowledge of Unix/Linux systems including hardware, software and applications.
- Extensive knowledge of PKI, VPNs, firewalls, IDS, TLS and incident handling
- Strong grasp of TCP/IP and common Internet fundamentals such as DNS, NTP, SMTP, HTTP, etc.
- Knowledge of VMware and other virtualization products.
- Working knowledge of Security Information Event Management tools, such as Splunk
- Familiarity with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001
- Certifications appreciated but not required - SANS, ISC2, OSCP
- Knowledge of Apache and Tomcat web servers
- Must have good verbal, written, interpersonal and presentation skills.
- Must be able to work constructively in a team environment.
- Working experience in SaaS is highly desirable.