This is a rare opportunity to work in a fulfilling role as part of a small team that is breaking new ground in the application security space. Qualys is an exciting - and now public - company with excellent customer ratings and outstanding growth rates. Please note that this is a full-time position in Madison, WI in the United States.
Gather, research, and categorize existing application security knowledge and tools
Keep up-to-date with the application security landscape
Research known security issues in web applications, frameworks, and other relevant web stack components (such as web and database servers)
Research and discover new application security issues, attack and defense techniques
Publish whitepapers and present at security conferences
Design security detection logic for IronBee
Write IronBee rules and signatures
BSc in Computer Science, or a similar degree
Ability to work independently and efficiently, getting things done
Good communicator, with fluent English and excellent verbal and writing skills.
A deep understanding of how the Internet works is essential. You must be familiar with networking protocols—for example DNS, TCP/IP, SSL/TLS, and others
In-depth knowledge of HTTP and the related standards and specifications
Reasonable programming skills, especially when it comes to scripting. You should be able to write small programs to automate your activities or mine data.
Good understand of cryptography and secure programming
Ability to work on Unix as a primary platform; Windows as secondary
Ability to think like an attacker yet operate as a defender
Additional Plus Competencies
Developer experience - enough to read code in order to understand how an attack functions
Experience in web application developmentExperience in application penetration testing, intrusion detection and prevention systems, or web application firewalls
Exposure to open source, application security communities, and OWASP
Familiarity with data structures, statistics, and machine learning
Qualys, Inc. is the leading provider of Software-as-a-Service (SaaS) IT security risk and compliance management solutions. Qualys solutions...