Manager, Corporate IT Security

Information Technology Requisition ID 5265 Foster City, California

Description

Qualys is looking for talented and motivated individuals to join our growing Corporate IT team.  We need mature leader with hands-on experience with a broad scope of skills to enhance security posture, security best practices and manage our growing suite of security tools. This position is versatile in the skills required but will require a security professional to grasp the complexities and challenges afforded working for fast paced growing organization. The position is responsible for ensuring that the Security processes are optimized, ongoing reporting on IT security metrics, and leading IT Security projects and team members. The primary responsibility of this role is to oversee the regular of day-to-day security related activities, coordinate with key stakeholders on business requirements, security projects delivery.

 

DUTIES AND RESPONSIBILITIES:

  • Perform periodic reviews of different security systems, tools and operational metrics
  • Proactively identify security flaws, vulnerabilities and plan solutions. Think both like an attacker and defender in designing and implementing solutions.
  • Audit systems for secure configuration - users, central logging, etc.
  • Continuous vulnerability assessment and remediation. Knowledge of Qualys Cloud Platform would be added advantage
  • System/Network security monitoring with Security Information Event Management tools
  • Active participation in important Incident Response meetings
  • Plan, implement, review and upgrade security measures and controls
  • Define, implement, fine-tune and maintain corporate security policies
  • Continuously review security bulletins and related news; stay apprised of current threats and trends globally
  • Participate in data gathering and root cause analysis for each critical service impacting incident with all possible data point correlations and define response
  • Working in partnership with other teams to improve organizational defensive posture
  • Actively participate in internal product testing and improvement initiatives
  • Guide team members on operational responsibilities and projects as required
  • Mentor team members to align personal expectations and organizational requirements

 

 

KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:

  • 12-14 years of experience in Corporate IT Security administration out of which at least 2 years as leader of multilocational and multicultural team
  • Bachelor’s degree in Information Technology or Information Security,
  • CISSP/CEH/SANS Courses or any IT Certifications will be an added advantage
  • Prior experience of managing security operations across different time zones
  • Expertise in project planning and global projects delivery through multi locational teams
  • Expertise in Information Security principles and practices, understanding of security protocols, principles, standards and defense
  • Experience analyzing, troubleshooting, and investigating information security incidents from a variety of reporting platforms such IPS/IDS, DLP, SIEM, and vulnerability monitoring systems
  • Deep knowledge of PKI, VPNs, Firewalls, IDS, TLS, and Forensic investigations
  • Strong hands-on knowledge of TCP/IP fundamentals and various operating systems
  • Working knowledge of VMware and other virtualization platforms
  • Must have exceptional verbal and written communicative skills
  • Lead a successful team to deliver results
  • ITIL framework and work processes knowledge
  • Tabletop exercise experience would be added advantage
  • ISMS, SOX, FedRAMP implementation background / knowledge is essential
  • Splunk / SIEM tool hands-on experience is expected
  • Working experience in SaaS company is highly desirable

EEO Employer/Vet/Disabled