Senior Security Engineer

We are seeking a highly skilled and experienced Senior Security Engineer to join our team. As a Senior Security Engineer, you will be responsible for designing, implementing, and maintaining security solutions to protect Qualys systems, networks, and data.

Requirements

• Design and implement IAM infrastructure components, including identity management systems, directory services, authentication mechanisms, and access control mechanisms.
• Develop secure IAM frameworks and workflows, ensuring scalability, reliability, and high availability of IAM infrastructure.
• Implement role-based access control (RBAC) frameworks and access control models to grant appropriate access privileges to users based on their roles and responsibilities.
• Monitor and audit user access rights, regularly reviewing and revoking unnecessary or excessive privileges.
• Design and implement identity federation solutions, enabling secure and seamless authentication and authorization across systems and applications.
• Develop and configure Single Sign-On (SSO) solutions using industry-standard protocols such as SAML, OAuth, and OpenID Connect.
• Assist in the development and enforcement of IAM security policies, standards, and procedures.
• Develop and enforce cloud identity governance processes, including user lifecycle management, access certifications, and access review workflows.
• Conduct regular assessments and audits of cloud IAM infrastructure to identify and address security vulnerabilities, gaps in compliance, and deviations from established policies.
• Monitor the performance, availability, and security of IAM infrastructure components, proactively identifying and resolving any issues or vulnerabilities.
• Implement backup and disaster recovery mechanisms for IAM infrastructure components.
• Develop and maintain access control models, including RBAC, ABAC (Attribute-Based Access Control), and dynamic authorization frameworks, to ensure granular and appropriate access privileges across systems and applications.
• Implement fine-grained access controls based on user roles, job responsibilities, and data sensitivity, balancing security requirements with operational efficiency.
• Monitor and enforce access control policies, regularly reviewing access permissions to identify and remediate any unauthorized access or potential security risks.
• Design and deploy multi-factor authentication (MFA) solutions to enhance the security of user authentication processes.
• Implement adaptive authentication mechanisms that dynamically adjust authentication requirements based on user behavior, risk levels, and contextual factors.
• Develop and maintain identity lifecycle management processes, including user provisioning, user attribute management, password management, and account termination procedures.
• Collaborate with HR, IT, and other relevant departments to ensure efficient and secure onboarding, role changes, and offboarding of employees, contractors, and external partners.
• Implement self-service capabilities for users to manage their identities, passwords, and access requests, reducing administrative overhead and improving user satisfaction.
• Capture and analyze user activity logs to detect suspicious behavior, such as unauthorized access attempts or privilege escalations.
• Monitor and log access control decisions, privilege changes, and administrative activities for auditing and compliance purposes.
• Enable logging and monitoring of cloud IAM services to track changes, detect security incidents, and support forensic investigations.
• Correlate IAM logs with other security logs to identify anomalies, detect insider threats, and investigate security incidents.
• Engage with IAM solution vendors, assess their products and services, and participate in the selection and procurement process.
• Collaborate with vendors on solution implementations, upgrades, and issue resolution, ensuring alignment with business requirements and security standards.
• Manage vendor relationships, including contract negotiations, service level agreements (SLAs), and ongoing vendor performance evaluation.