Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Join our dynamic team as a Security Analyst, where your expertise will be pivotal in fortifying our organizational defenses. As a key player, you will spearhead the implementation and management of cutting-edge vulnerability management processes, with a specialized focus on Qualys solutions. Your mission is to safeguard our Qualys infrastructure by deploying advanced security measures, conducting thorough assessments, and ensuring the seamless integration of industry-leading technologies.
In this role, you will not only be a guardian of our Qualys digital assets but also a catalyst for innovation, driving the continuous enhancement of our security posture. We're looking for an enthusiastic professional with a keen eye for cybersecurity trends, hands-on experience with Qualys, Cloud Security Posture Management (CSPM), and Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP), and a commitment to excellence. If you are passionate about staying one step ahead of evolving threats and contributing to a secure digital future, we invite you to bring your skills to our team.
Responsibilities:
Qualys Implementation:
- Deploy and configure Qualys Vulnerability Management solutions for comprehensive coverage of Qualys infrastructure.
- Integrate Qualys with other security tools and systems to streamline data sharing and incident response.
Continuous Scanning:
- Establish and maintain regular scanning schedules to ensure timely identification of vulnerabilities.
- Configure Qualys scans to cover all assets, including servers, network devices, and cloud resources.
Scan Analysis and Reporting:
- Analyze scan results using Qualys reports and dashboards to identify critical vulnerabilities.
- Generate and distribute detailed vulnerability reports to relevant stakeholders, including recommended remediation actions.
Remediation Coordination:
- Collaborate with IT and system administration teams to prioritize and schedule remediation efforts based on Qualys scan findings.
- Provide technical guidance on specific remediation steps, including patching and configuration changes.
Qualys Policy Compliance:
- Implement and manage Qualys Policy Compliance modules to ensure that systems adhere to internal security policies and industry standards.
- Regularly review and update compliance policies to reflect evolving security requirements.
Trend Analysis and Metrics:
- Conduct trend analysis on vulnerability data to identify recurring issues and areas for proactive improvement.
- Develop and maintain key performance indicators (KPIs) related to vulnerability management efficacy.
Patch Management Integration:
- Integrate Qualys with patch management systems to streamline the deployment of security patches.
- Ensure that patching activities align with Qualys scan results and prioritize critical vulnerabilities.
CSPM (Cloud Security Posture Management):
- Implement and fine-tune CSPM tools to enforce compliance with industry regulations and organizational policies.
- Conduct regular audits of cloud infrastructure configurations, addressing security gaps and misconfigurations.
- Collaborate with DevOps teams to integrate security into the continuous integration/continuous deployment (CI/CD) pipeline.
EDR/EPP (Endpoint Detection and Response/Endpoint Protection Platforms):
- Deploy and manage EDR/EPP solutions for advanced threat detection and response capabilities.
- Configure and monitor EDR/EPP tools, conduct regular audits, and ensure proper integration with other security controls.
- Respond promptly to endpoint security alerts, investigate incidents, and implement corrective actions.
Training and Documentation:
- Provide training to relevant teams on using Qualys, CSPM, and EDR/EPP effectively for vulnerability management and security measures.
- Document configurations, workflows, and best practices for internal knowledge sharing.
Automation and Orchestration:
- Implement and maintain end-to-end automation workflows for scanning Qualys infrastructure.
- Explore automation opportunities within Qualys, CSPM, and EDR/EPP for repetitive tasks, enhancing efficiency.
- Implement orchestration workflows to automate the execution of remediation steps based on findings.
Collaboration with Qualys Support:
- Engage with Qualys support for issue resolution, updates, and to stay informed about new features and best practices.
- Participate in Qualys user forums and communities to share insights and learn from others' experiences.
Qualifications:
- Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.
- Relevant certifications such as COMPTIA Security+, CEH, or similar.
- Proven experience in conducting vulnerability assessments and implementing security measures.
- Proficiency in deploying and managing security tools and solutions.
- Strong understanding of cloud security best practices.
- Experience with Cloud Security Posture Management (CSPM) tools.
- Hands-on experience with Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP).
- Excellent documentation and communication skills.
- Ability to collaborate effectively with cross-functional teams.
- Continuous learning mindset to stay updated on the evolving cybersecurity landscape.
