Security Analyst
Qualys - Raleigh, NC

This job posting is no longer available on Qualys. Find similar jobs:Security Analyst jobs - Qualys jobs

The Security Analyst is responsible for the specification, implementation, compliance, auditing and assessment of our production infrastructure. Maintains account security for services, systems, and ancillary applications. Responsible for developing reports to verify compliance with security policies. Maintains Disaster Recovery documentation and is responsible for maintaining the disaster recovery posture. Will work closely with Development/Engineering, DBA, Networking, Support teams and Worldwide Customers to provide 24x7 support for Qualys production applications.

DUTIES AND RESPONSIBILITIES:
Audit systems for secure configuration - users, time, central logging, etc

Identity management -- Directory service / authentication administration

Continuous vulnerability assessment and remediation

System/network security monitoring with Security Information Event Management tools

Active participation in incident response

Maintain documentation of operational processes

Continuously review security bulletins and related news; stay apprised of current threats and trends

Build and manage software patches and upgrades for production environment

Provide data and root cause analysis for each service impacting incident with all possible corrective actions for improvement.

Work with multiple teams in analyzing each service outage, measure, maintain and present the service quality metrics to management.

Responsible to maintain 24/7 service to customers and reduce MTTR in case of service interruption.

If required work with customers to identify and resolve customer issues related to Qualys products and services.

Participate in product design discussions and make appropriate recommendations.

KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:
5+ years of experience in systems administration.

BS or Engineering in Computer science or electronics or related IT focused.

Extensive knowledge of information security principles and practices, understanding of security protocols, principles, standards and defense in depth.

Experience with information security tools for performing vulnerability assessment, intrusion detection, integrity checking, event management

Extensive knowledge of Unix/Linux systems including hardware, software and applications.

Extensive knowledge of PKI, VPNs; Firewalls, IDS, TLS, Incident Handling

Strong grasp of TCP/IP fundamentals, UNIX operating systems

Knowledge of VMware and other virtualization products.

Knowledge of Apache and Tomcat web servers.

Must have exceptional verbal, written, interpersonal and presentation skills.

Must be able to work on 24/7 on-call schedule.

Must be able to work constructively in team environment.

Working experience in SaaS is highly desirable.

Applicant should have a valid passport.