Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Brief Description:
Qualys seeks to hire a Senior and Mid-level Global Risk and Compliance specialist. As a Governance, Risk, and Compliance (GRC) specialist the candidate will be reporting to the Security Operations Senior Director of Global Compliance.
Full Job Description
This role will be responsible for supporting our ongoing compliance efforts (ISO, NIAP, PCI DSS, GDPR, CCPA, IRAP, SOC2, and FedRAMP environments), working collaboratively to manage risk within the organisation, and assisting to shape the Qualys information security program through documentation and evaluation of security controls within Qualys and external 3rd part entities. You will work side by side with the information security team and others from across the organisation to help ensure Qualys and our customers data in secure and meeting organizational compliance standards.
· Produce weekly, monthly and quarterly uptime and status reports for production and critical internal infrastructure
· Manage organisational infrastructure LDAP/RADIUS/Basic auth,
· Design processes, programs and workflows,
· Handle all internal/External Audits, ISP document maintenance,
· Security log management & event monitoring (Splunk/IPS Palo Alto),
· Incident & Security Incident Response Strategy & Planning,
· Build custom packages & key management,
· VM, PKI management external/internal,
· Automation of legacy/scheduled manual tasks,
· Identity and Access Management.
Skillset Needed:
· 8-12 Years in IS & IT GRC with background in ISO27001 27017 27018, ISO9001, ISO 22301, FedRAMP, SOC2, ITIL, OCI/AWS/Azure/GCP Cloud Security and GDPR.
· Strong user of PowerPoint, MS Project Plan, Visio, Excel.
· Experience with Office365, SharePoint and/or Confluence.
· Be self-directed and self-motivated.
· Ability to focus on repetitive work efforts.
Beneficial Skillset:
· Qualys on Qualys, Threat Intel,
· FedRAMP Continuous Monitoring background,
· Detailed background in FedRAMP Moderate and High environments.
· Detailed knowledge of Qualys products and scanners
· Working experience on OneTrust or equivalent vendor assessment tool
Top Skills
What We Do
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com
