Principal Security Analyst

8 - 10 years experience  •  Business Services

Salary depends on experience
Posted on 02/21/18
Foster City, CA
8 - 10 years experience
Business Services
Salary depends on experience
Posted on 02/21/18


DUTIES AND RESPONSIBILITIES:

  • Identity management -- Directory service / authentication administration
  • Audit enterprise linux systems against baseline configurations and best practices
  • Continuous vulnerability assessment and remediation
  • System/networksecurity monitoring with Security Information Event Management tools
  • Active participation in incident response
  • Maintain documentation of operational processes
  • Continuously review security bulletins and related news; stay apprised of current threats and trends
  • Provide data and root cause analysis for each service impacting security incident with all possible corrective actions for improvement.
  • Where required work with customers to identify and resolve customer issues related to Qualys products and services' security
  • Participate in product design discussions and make appropriate security recommendations.

KEY SKILLS, KNOWLEDGE, AND ABILITIES:

  • 7-10 years of experience in systems and security administration.
  • BS or Engineering in Computer science or electronics or related IT focused.
  • Extensive knowledge of information security principles and practices, understanding of security protocols, principles, standards and defense in depth.
  • Experience with information security tools for performing vulnerability assessment, intrusion detection, integrity checking, event management
  • Extensive knowledge of Unix/Linux systems including hardware, software and applications.
  • Extensive knowledge of PKI, VPNs; Firewalls, IDS, TLS, Incident handling
  • Strong grasp of TCP/IP and common Internet fundamentals such as DNS, NTP, SMTP, HTTP, etc.
  • Knowledge of VMware and other virtualization products.
  • Working knowledge of Security Information Event Management tools, such as Splunk
  • Familiarity with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001
  • Certifications appreciated but not required - SANS, ISC2, OSCP
  • Knowledge of Apache and Tomcat web servers
  • Must have good verbal, written, interpersonal and presentation skills.
  • Must be able to work constructively in team environment.
  • Working experience in SaaS is highly desirable.
Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.