Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Brief Description:
Qualys seeks to hire a Senior and Mid-level Global Risk and Compliance specialist. As a Governance, Risk, and Compliance (GRC) specialist the candidate will be reporting to the Security Operations Senior Director of Global Compliance.
Full Job Description
This role will be responsible for supporting our ongoing compliance efforts (ISO, NIAP, PCI DSS, GDPR, CCPA, IRAP, SOC2, and FedRAMP environments), working collaboratively to manage risk within the organisation, and assisting to shape the Qualys information security program through documentation and evaluation of security controls within Qualys and external 3rd part entities. You will work side by side with the information security team and others from across the organisation to help ensure Qualys and our customers data in secure and meeting organizational compliance standards.
· Produce weekly, monthly and quarterly uptime and status reports for production and critical internal infrastructure
· Manage organisational infrastructure LDAP/RADIUS/Basic auth,
· Design processes, programs and workflows,
· Handle all internal/External Audits, ISP document maintenance,
· Security log management & event monitoring (Splunk/IPS Palo Alto),
· Incident & Security Incident Response Strategy & Planning,
· Build custom packages & key management,
· VM, PKI management external/internal,
· Automation of legacy/scheduled manual tasks,
· Identity and Access Management.
Skillset Needed:
· 8-12 Years in IS & IT GRC with background in ISO27001 27017 27018, ISO9001, ISO 22301, FedRAMP, SOC2, ITIL, OCI/AWS/Azure/GCP Cloud Security and GDPR.
· Strong user of PowerPoint, MS Project Plan, Visio, Excel.
· Experience with Office365, SharePoint and/or Confluence.
· Be self-directed and self-motivated.
· Ability to focus on repetitive work efforts.
Beneficial Skillset:
· Qualys on Qualys, Threat Intel,
· FedRAMP Continuous Monitoring background,
· Detailed background in FedRAMP Moderate and High environments.
· Detailed knowledge of Qualys products and scanners
· Working experience on OneTrust or equivalent vendor assessment tool