Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
As a Security Signature Engineer, you will be part of a motivated engineering team that is responsible for the research, development, and delivery of vulnerability signatures in the Qualys on-demand security service. This opening is your opportunity to work in the rapidly expanding field of computer security with a company with excellent customer ratings and outstanding growth rates.
Responsibilities:
Research and create signatures for the Qualys product to detect vulnerabilities in the areas of Databases, Applications, Operating systems, TCP/IP Protocols, and network devices.
Research new and emerging technologies to identify vulnerabilities and exploits.
Research Zero-day and actively attack vulnerabilities to create remote signatures to identify vulnerable assets.
Build automation for day-to-day tasks.
Participate in code reviews and contribute to the improvement of the overall signature development process.
Work with our Customer Support and Research teams to troubleshoot and triage customer issues such as false positives and false negatives.
Qualifications:
3+ years of industry experience in network and systems security.
In-depth knowledge of TCP/IP, HTTP, FTP, SSH, SSL, and SMTP protocols.
Knowledge of OWASP top 10 and familiarity with other web-based attacks.
Experience with scripting languages, including Python and Bash.
Experience with network analysis tools, and analysis of packet captures.
Proficient with regular expressions.
Knowledge of Container Security.
Knowledge of different Databases (Oracle, DB2 etc.) and Database Administration.
System administrator experience on Windows or Unix platforms.
Strong understanding of VPN, Firewalls, and Intrusion detection systems (IDS).
Excellent written and verbal communication skills.
Additional Plus Competencies:
Understanding of Lua (preferred), or Java.
Knowledge of Virtualization software (VMWare, Virtual PC/Virtual Box, XEN, etc.).
Knowledge of Cloud Platforms (AWS, Azure, Oracle, etc.).
Knowledge of container technologies such as Docker and Kubernetes.
Able to handle projects independently.
Experienced in the use of vulnerability scanners, IDS, and security tools.
Experience in developing security-related tools/programs.
OSCP, CISSP, or SANS GIAC certifications.
اطلب مساعدة الخبراء لكتابة سيرة ذاتية مميزة.