Signature Engineer, Cloud Security Compliance
Qualys
Pune, India
4d ago

Description

Qualys, Inc., the leading provider of cutting edge cloud-based security provider is looking for highly skilled Signature Engineer for Cloud Security Compliance engineering team.

Qualys was born in the cloud with a completely fresh approach to security. Qualys provides a hacker’s-eye view of the security vulnerabilities to an organization before hackers can exploit them.

It gives you a continuous view of your vulnerability, asset and compliance landscape across all your IP-connected devices and applications.

We provide continuous security services to 60%+of Fortune 100 companies and to over 8800 global customers.

As a Signature Engineer you will be part of an engineering team that is responsible for the research, development, and delivery of compliance signatures for Cloud security product.

In this team you will work on numerous Cloud platforms, Cloud Services and security standards like CIS, CSA-CCM, NIST, DISA, PCI-DSS andhelp customers assess the configurations and compliance.

Responsibilities :

  • Understand and explore APIs (REST, Java, PowerShell, Shell) provided by Cloud service providers (AWS, Azure, Google Cloud Platform etc.)
  • Based on research develop Java based signatures to identify and fix non-compliant cloud platforms / services related configurations and settings using Java API calls and Json Processing
  • Research on hardening Cloud-Platforms and cloud services configurations / settings
  • Research on public cloud platform architectures and services
  • Track updates pushed by cloud service provider on respective supported cloud platforms / services
  • Keep updates on recently disclosed vulnerabilities, mis-configurations using public channels / blogs and suggest recommendations based on the same
  • Research on hardening OSes, Web / Application Servers, database platforms etc.
  • Provide subject matter expertise to internal core engineering and infrastructure teams
  • Qualifications :

  • BS / MS in Computer Science or a related field
  • Development experience of 4+ years with BS and 2+ years with M.S, preferably in Information Security Domain
  • Experience in Java Programming
  • Proficient in Regular Expressions and Programming methods
  • Strong knowledge of Cloud Architectures and Security space
  • Experience and understanding with Cloud services / Platforms and various cloud service provider offerings (AWS, Azure, Google)
  • Conversant with Shell, PowerShell scripting
  • Installation, Configuration and administration of Applicationson Windows / Linux / Unix and other environments
  • Knowledge of programming in the Unix / Linux / windows environment
  • Good communication skills
  • Good understanding on domain of Information Security
  • Pluses :

  • Security Certifications like : CEH, CISA, CISM, CISSP, ISC2-CCSP
  • Cloud platform-based certifications like : AWS / Azure / GCP Certified Developer / Solution Architect
  • ExposuretoSecurity benchmarks like CIS or SCCM, DISA and STIG
  • Basic understanding of security standards / mandates like CSA-CCM, NIST, PCI-DSS etc.
  • Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form