Security Analyst

We are a pioneer and leading provider of cloud security and compliance solutions that enable organizations to identify security risks to their IT infrastructures, help protect their IT systems and applications from ever-evolving cyber attacks and achieve compliance with internal policies and external regulations.

The Security Analyst is responsible for the specification, implementation, compliance, auditing and assessment of our production infrastructure. Maintains account security for services, systems, and ancillary applications. Responsible for developing reports to verify compliance with security policies. Will work closely with Development/Engineering, DBA, Networking, Support teams and Worldwide Customers to provide 24x7 support for Qualys production applications.

* Audit systems for secure configuration - users, time, central logging, etc * Identity management -- Directory service / authentication administration * Continuous vulnerability assessment and remediation * System/network security monitoring with Security Information Event Management tools * Active participation in incident response * Maintain documentation of operational processes * Continuously review security bulletins and related news; stay apprised of current threats and trends * Build and manage software patches and upgrades for production environment * Provide data and root cause analysis for each service impacting incident with all possible corrective actions for improvement. * Work with multiple teams in analyzing each service outage, measure, maintain and present the service quality metrics to management. * Responsible to maintain 24/7 service to customers and reduce MTTR in case of service interruption. * If required work with customers to identify and resolve customer issues related to Qualys products and services. * Participate in product design discussions and make appropriate recommendations.

* 5+ years of experience in systems administration. * BS or Engineering in Computer science or electronics or related IT focused. * Extensive knowledge of information security principles and practices, understanding of security protocols, principles, standards and defense in depth. * Experience with information security tools for performing vulnerability assessment, intrusion detection, integrity checking, event management * Extensive knowledge of Unix/Linux systems including hardware, software and applications. * Extensive knowledge of PKI, VPNs; Firewalls, IDS, TLS, Incident Handling * Strong grasp of TCP/IP fundamentals, UNIX operating systems * Knowledge of VMware and other virtualization products. * Knowledge of Apache and Tomcat web servers. * Must have exceptional verbal, written, interpersonal and presentation skills. * Must be able to work on 24/7 on-call schedule. * Must be able to work constructively in team environment. * Working experience in SaaS is highly desirable. * Applicant should have a valid passport.