Senior Cloud Security Engineer at Qualys, Inc. - Japan

pune, maharashtra, India -

Full Time

Start Date

Immediate

Expiry Date

06 Jun, 26

Salary

0.0

Posted On

08 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cloud Security, Kubernetes, Infrastructure As Code, Terraform, CloudFormation, Policy As Code, CSPM, Automation, DevSecOps, Python, Go, Container Security, Security Assessments, CI/CD, AWS, Azure

Industry

Computer and Network Security

Description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! About the Role We're seeking a Senior Cloud Security Engineer to join our Product Security team’s Cloud Infrastructure Security wing, where you'll play a critical role in building and maintaining security infrastructure that prevents issues before they become incidents. Working closely with our leads across Qualys, you'll design and implement security controls, automation, and policies that protect our cloud-native products at scale. What You'll Do Cloud Security Engineering Review security controls for Kubernetes environments across multiple clusters Develop and optimize Infrastructure as Code (IaC) security patterns using tools like HELM, Terraform and CloudFormation Build and enforce Policy as Code frameworks to ensure consistent security posture across cloud platforms Create and maintain security policies for Platform-as-a-Service (PaaS) offerings Conduct security reviews of cloud architecture as well as services, recommend hardening measures, and drive adoption through IaC and PaC. Cloud Security Posture Management (CSPM) Write/ create appropriate security policies Review the CSPM findings and work with appropriate stakeholders to get the findings remediated. Process Automation Develop automation solutions to streamline security workflows and eliminate manual security tasks Build security tooling and integrations that enable product teams to shift security left Create automated compliance checks and remediation workflows Implement security testing automation within CI/CD pipelines Design self-service security capabilities that empower engineering teams Security Analysis Perform in-depth security assessments of applications, infrastructure, and cloud environments Analyze security telemetry and metrics to identify trends and potential vulnerabilities Investigate security findings and provide detailed remediation guidance Evaluate emerging security technologies and recommend adoption strategies What You Bring Required: 5+ years of experience in security engineering, with significant focus on cloud security Experience in managing/ writing policies in any of the industry leading CSPM platform with proficiency in Policy as Code frameworks (OPA/Rego, Sentinel, or similar) Deep understanding of the cloud services and workloads security. Hands-on experience with major cloud platforms (AWS, Azure, or GCP) Strong experience with Infrastructure as Code tools like HELM and security best practices Deep expertise in Kubernetes security (RBAC, network policies, pod security, admission controllers) Programming/scripting skills in Python, Go, or similar languages for automation Strong understanding of container security and orchestration Experience with security automation and DevSecOps practices Excellent problem-solving skills and ability to work independently Preferred: Experience with Qualys’s Total Cloud platform Experience with REGO, Python Experience with Terraform Experience with security scanning tools (SAST, DAST, SCA, container scanning) Knowledge of compliance frameworks (SOC 2, ISO 27001, PCI DSS) Contributions to open-source security projects Relevant security certifications (CCSP, CCSK, CKS, or equivalent) Experience in product security or application security role Why Join Us You'll be part of a team that operates at the intersection of security, engineering, and product development. We believe in preventing problems before they occur through smart automation, robust architecture, and proactive security practices. You'll have the opportunity to work with cutting-edge cloud technologies while making a tangible impact on product security at Qualys. Join our talent community and receive the latest Qualys news, content, and be first in line for new job opportunities. Join our Talent Community! Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

The role involves designing and implementing security controls, automation, and policies to protect cloud-native products, focusing on reviewing security controls for Kubernetes environments and developing Infrastructure as Code security patterns. Responsibilities also include managing Cloud Security Posture Management (CSPM) findings and building automation solutions to streamline security workflows.