Senior Cloud Security Engineer
Qualys · Pune Division, Maharashtra, India
- On site
- Full-time
- $140,000 / year
- Pune Division, Maharashtra, India
Job highlights
- Build and maintain cloud security infrastructure.
- Design and implement security controls, automation, policies.
- Secure cloud-native products at scale.
- Automate security workflows and compliance checks.
- Analyze security telemetry and emerging technologies.
About the role
About The Role
We're seeking a Senior Cloud Security Engineer to join our Product Security team’s Cloud Infrastructure Security wing, where you'll play a critical role in building and maintaining security infrastructure that prevents issues before they become incidents. Working closely with our leads across Qualys, you'll design and implement security controls, automation, and policies that protect our cloud-native products at scale.
What You'll Do
Cloud Security Engineering
- Review security controls for Kubernetes environments across multiple clusters
- Develop and optimize Infrastructure as Code (IaC) security patterns using tools like HELM, Terraform and CloudFormation
- Build and enforce Policy as Code frameworks to ensure consistent security posture across cloud platforms
- Create and maintain security policies for Platform-as-a-Service (PaaS) offerings
- Conduct security reviews of cloud architecture as well as services, recommend hardening measures, and drive adoption through IaC and PaC.
Cloud Security Posture Management (CSPM)
- Write/ create appropriate security policies
- Review the CSPM findings and work with appropriate stakeholders to get the findings remediated.
Process Automation
- Develop automation solutions to streamline security workflows and eliminate manual security tasks
- Build security tooling and integrations that enable product teams to shift security left
- Create automated compliance checks and remediation workflows
- Implement security testing automation within CI/CD pipelines
- Design self-service security capabilities that empower engineering teams
Security Analysis
- Perform in-depth security assessments of applications, infrastructure, and cloud environments
- Analyze security telemetry and metrics to identify trends and potential vulnerabilities
- Investigate security findings and provide detailed remediation guidance
- Evaluate emerging security technologies and recommend adoption strategies
What You Bring
Required:
- 5+ years of experience in security engineering, with significant focus on cloud security
- Experience in managing/ writing policies in any of the industry leading CSPM platform with proficiency in Policy as Code frameworks (OPA/Rego, Sentinel, or similar)
- Deep understanding of the cloud services and workloads security.
- Hands-on experience with major cloud platforms (AWS, Azure, or GCP)
- Strong experience with Infrastructure as Code tools like HELM and security best practices
- Deep expertise in Kubernetes security (RBAC, network policies, pod security, admission controllers)
- Programming/scripting skills in Python, Go, or similar languages for automation
- Strong understanding of container security and orchestration
- Experience with security automation and DevSecOps practices
- Excellent problem-solving skills and ability to work independently
Preferred:
- Experience with Qualys’s Total Cloud platform
- Experience with REGO, Python
- Experience with Terraform
- Experience with security scanning tools (SAST, DAST, SCA, container scanning)
- Knowledge of compliance frameworks (SOC 2, ISO 27001, PCI DSS)
- Contributions to open-source security projects
- Relevant security certifications (CCSP, CCSK, CKS, or equivalent)
- Experience in product security or application security role
Why Join Us
You'll be part of a team that operates at the intersection of security, engineering, and product development. We believe in preventing problems before they occur through smart automation, robust architecture, and proactive security practices. You'll have the opportunity to work with cutting-edge cloud technologies while making a tangible impact on product security at Qualys.
Key skills/competency
- Cloud Security
- Kubernetes Security
- Infrastructure as Code (IaC)
- Policy as Code (PaC)
- CSPM
- Automation
- DevSecOps
- Python
- Go
- Security Analysis
Skills & topics
- Senior Cloud Security Engineer
- Cloud Security
- Kubernetes Security
- Infrastructure as Code
- Policy as Code
- CSPM
- Automation
- DevSecOps
- Python
- AWS
- Azure
- GCP
- Security Engineering
- Product Security
- Security Analysis
How to get hired
- Tailor your resume: Highlight cloud security, Kubernetes, IaC, and automation experience.
- Showcase expertise: Emphasize Policy as Code (OPA/Rego) and CSPM platform proficiency.
- Quantify achievements: Use numbers to demonstrate impact of security initiatives.
- Prepare for technical questions: Be ready to discuss cloud platforms, Kubernetes security, and scripting.
- Demonstrate problem-solving: Prepare examples of proactive security and automation solutions.
Technical preparation
Master Kubernetes security concepts and tools.,Become proficient with Terraform and CloudFormation.,Develop strong Python/Go scripting skills.,Understand OPA/Rego for Policy as Code.
Behavioral questions
Describe a complex security issue you solved.,How do you automate repetitive security tasks?,How do you handle disagreements on security policies?,Share an experience of improving security posture.
Frequently asked questions
- What are the key responsibilities for a Senior Cloud Security Engineer at Qualys?
- As a Senior Cloud Security Engineer at Qualys, you will focus on building and maintaining security infrastructure for cloud-native products. This includes reviewing security controls for Kubernetes, developing Infrastructure as Code (IaC) and Policy as Code (PaC) frameworks, managing Cloud Security Posture Management (CSPM) findings, automating security workflows, and performing security analysis of cloud environments.
- What cloud platforms does Qualys use for its Senior Cloud Security Engineer role?
- The Senior Cloud Security Engineer role at Qualys requires hands-on experience with major cloud platforms, specifically mentioning AWS, Azure, or GCP. Proficiency in these platforms is crucial for designing and implementing robust security controls.
- What programming languages are important for the Senior Cloud Security Engineer position at Qualys?
- Qualys seeks candidates with programming or scripting skills in languages like Python or Go for automation purposes. Experience with REGO is also preferred, especially for policy-as-code frameworks.
- What level of experience is required for the Senior Cloud Security Engineer role at Qualys?
- The role requires a minimum of 5 years of experience in security engineering, with a significant focus on cloud security. Additionally, experience with industry-leading CSPM platforms and Policy as Code frameworks is essential.
- How does Qualys emphasize security in its cloud infrastructure?
- Qualys emphasizes proactive security through smart automation, robust architecture, and preventative practices. The Senior Cloud Security Engineer will play a key role in designing and implementing these measures to protect cloud-native products at scale.
- What is the importance of Kubernetes security in this role?
- Deep expertise in Kubernetes security is a key requirement for this role. This includes understanding and implementing controls for RBAC, network policies, pod security, and admission controllers to ensure a secure containerized environment.
- Are there opportunities for professional development in this Senior Cloud Security Engineer role?
- Yes, the role offers opportunities to work with cutting-edge cloud technologies and contribute to product security at Qualys. Preferred qualifications include relevant security certifications like CCSP, CCSK, or CKS, suggesting a supportive environment for professional growth.