Principal Security Analyst
Foster City, CA

Job Description

The Principal Security Analyst is responsible for the specification, implementation, compliance, auditing and assessment of our production infrastructure; maintains security for services, systems, and ancillary applications; is responsible for verifying compliance with security policies.

She/he will work closely with Development/Engineering, DBA, Networking, system administration and Support teams to provide security related support for Qualys production applications.

DUTIES AND RESPONSIBILITIES:

* Identity management -- Directory service / authentication administration
* Audit enterprise linux systems against baseline configurations and best practices
* Continuous vulnerability assessment and remediation
* System/network security monitoring with Security Information Event Management tools
* Active participation in incident response
* Maintain documentation of operational processes
* Continuously review security bulletins and related news; stay apprised of current threats and trends
* Provide data and root cause analysis for each service impacting security incident with all possible corrective actions for improvement.
* Where required work with customers to identify and resolve customer issues related to Qualys products and services' security
* Participate in product design discussions and make appropriate security recommendations.

KEY SKILLS, KNOWLEDGE, AND ABILITIES:

* 7-10 years of experience in systems and security administration.
* BS or Engineering in Computer science or electronics or related IT focused.
* Extensive knowledge of information security principles and practices, understanding of security protocols, principles, standards and defense in depth.
* Experience with information security tools for performing vulnerability assessment, intrusion detection, integrity checking, event management
* Extensive knowledge of Unix/Linux systems including hardware, software and applications.
* Extensive knowledge of PKI, VPNs; Firewalls, IDS, TLS, Incident handling
* Strong grasp of TCP/IP and common Internet fundamentals such as DNS, NTP, SMTP, HTTP, etc.
* Knowledge of VMware and other virtualization products.
* Working knowledge of Security Information Event Management tools, such as Splunk
* Familiarity with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001
* Certifications appreciated but not required - SANS, ISC2, OSCP
* Knowledge of Apache and Tomcat web servers
* Must have good verbal, written, interpersonal and presentation skills.
* Must be able to work constructively in team environment.
* Working experience in SaaS is highly desirable.