Qualys, Inc., the leading provider of cutting edge cloud-based security provider is looking for highly skilled Signature Engineer for Cloud Security Compliance engineering team.
Qualys was born in the cloud with a completely fresh approach to security. Qualys provides a hacker’s-eye view of the security vulnerabilities to an organization before hackers can exploit them.
It gives you a continuous view of your vulnerability, asset and compliance landscape across all your IP-connected devices and applications.
We provide continuous security services to 60%+of Fortune 100 companies and to over 8800 global customers.
As a Signature Engineer you will be part of an engineering team that is responsible for the research, development, and delivery of compliance signatures for Cloud security product.
In this team you will work on numerous Cloud platforms, Cloud Services and security standards like CIS, CSA-CCM, NIST, DISA, PCI-DSS andhelp customers assess the configurations and compliance.
Understand and explore APIs (REST, Java, PowerShell, Shell) provided by Cloud service providers (AWS, Azure, Google Cloud Platform etc.)
Based on research develop Java based signatures to identify and fix non-compliant cloud platforms / services related configurations and settings using Java API calls and Json Processing
Research on hardening Cloud-Platforms and cloud services configurations / settings
Research on public cloud platform architectures and services
Track updates pushed by cloud service provider on respective supported cloud platforms / services
Keep updates on recently disclosed vulnerabilities, mis-configurations using public channels / blogs and suggest recommendations based on the same
Research on hardening OSes, Web / Application Servers, database platforms etc.
Provide subject matter expertise to internal core engineering and infrastructure teams
BS / MS in Computer Science or a related field
Development experience of 4+ years with BS and 2+ years with M.S, preferably in Information Security Domain
Experience in Java Programming
Proficient in Regular Expressions and Programming methods
Strong knowledge of Cloud Architectures and Security space
Experience and understanding with Cloud services / Platforms and various cloud service provider offerings (AWS, Azure, Google)
Conversant with Shell, PowerShell scripting
Installation, Configuration and administration of Applicationson Windows / Linux / Unix and other environments
Knowledge of programming in the Unix / Linux / windows environment
Good communication skills
Good understanding on domain of Information Security
Security Certifications like : CEH, CISA, CISM, CISSP, ISC2-CCSP
Cloud platform-based certifications like : AWS / Azure / GCP Certified Developer / Solution Architect
ExposuretoSecurity benchmarks like CIS or SCCM, DISA and STIG
Basic understanding of security standards / mandates like CSA-CCM, NIST, PCI-DSS etc.