Senior Security Analyst

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Join our advanced cybersecurity team as a Senior Security Analyst, where your expertise will be instrumental in strengthening our organizational security framework. In this pivotal role, you will lead the strategic implementation and management of vulnerability management programs, with a specialized focus on Qualys solutions, while also driving improvements in Cloud Security Posture Management (CSPM) and Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP).

As a senior member of our security team, you will provide technical leadership, mentor junior analysts, and collaborate closely with cross-functional teams to proactively identify and mitigate cybersecurity risks. Your role extends beyond daily security operations to influencing security strategy, policy development, and automation initiatives. If you have a deep understanding of evolving threats and a commitment to enhancing enterprise security, we invite you to bring your expertise to our team.

Key Responsibilities:

Leadership & Strategy:

• Serve as a subject matter expert on vulnerability management, cloud security, and endpoint protection.
• Mentor and provide guidance to junior security analysts.
• Develop and refine security policies, best practices, and frameworks.
• Lead cross-functional security initiatives, collaborating with IT, DevOps, and engineering teams.

Qualys Vulnerability Management:

• Oversee and optimize Qualys deployment across enterprise infrastructure.
• Design and implement advanced scanning configurations to ensure complete asset coverage.
• Analyze vulnerability data to identify critical risks, trends, and areas for proactive improvement.
• Coordinate remediation efforts, providing strategic guidance to IT and system administration teams.

Cloud Security Posture Management (CSPM):

• Lead cloud security audits and compliance enforcement for multi-cloud environments.
• Implement and fine-tune CSPM tools to enforce industry regulations and internal security policies.
• Develop best practices for secure cloud configurations and integrate security into DevOps pipelines.

Endpoint Security (EDR/EPP):

• Deploy and manage EDR/EPP solutions for advanced threat detection and response.
• Assist Qualys SOC in threat hunting and forensic investigations to identify and mitigate advanced threats.
• Configure and monitor EDR/EPP tools, conduct regular audits, and ensure proper integration with other security controls.
• Respond promptly to endpoint security alerts, investigate incidents, and implement corrective actions.

Automation & Security Orchestration:

• Design and implement security automation workflows to enhance efficiency.
• Explore orchestration solutions to automate remediation processes for recurring security gaps.
• Integrate security tools to provide a unified real-time security monitoring framework.

Compliance & Risk Management:

• Ensure security controls align with industry standards (NIST, ISO 27001, CIS Benchmarks, DISA STIG etc.).
• Conduct periodic risk assessments and audits to proactively address security weaknesses.
• Maintain compliance with regulatory requirements and Qualys internal governance policies.

Collaboration with Qualys Support:

• Engage with Qualys support for issue resolution, updates, and to stay informed about new features and best practices.
• Participate in Qualys user forums and communities to share insights and learn from others' experiences.

Qualifications & Experience:

• Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.
• 3+ years of experience in cybersecurity, with a focus on vulnerability management, cloud security, and endpoint protection.
• Strong expertise in Qualys Vulnerability Management and security policy enforcement.
• Hands-on experience with CSPM tools and cloud security best practices.
• Proven track record in EDR/EPP deployment and security incident handling.
• Experience in security automation, orchestration, and integration with SIEM and SOAR platforms.
• Relevant certifications such as CISSP, CISM, CEH, or OSCP are preferred.
• Strong analytical, problem-solving, and communication skills.
• Ability to lead projects and mentor junior analysts while driving a security-first culture.

If you're passionate about enhancing enterprise security, driving innovation, and leading critical cybersecurity initiatives, we encourage you to apply and join our team as a Senior Security Analyst!