Skip to main content
Back to jobs

Senior Security Research Engineer

External
qualys logoQualys · Pune, India
Full-timeOn-site2w ago
Application SecurityLinux
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

Responsibilities

  • Research, analyze, and assess attack surface and vulnerability data
  • Develop tailored and actionable mitigation strategies and plans to address vulnerability risk
  • Work with new and emerging vulnerability data to identify potential attack paths in critical systems.
  • Document , develop and present mitigation strategies in web applications , databases, standalone applications, etc.
  • Analyze the root cause of vulnerabilities and support the prioritization of mitigations based on risk and return on mitigation
  • Provide mitigation strategies that prioritize risk against level of effort for multiple systems or organizations
  • Catalog mitigation advice, challenges, and trends and patterns
  • Patch diffing and r everse engineering with tools such as Ghidra , IDA, etc.
  • Provide subject matter expertise on tailored mitigations to resolve and remediate vulnerabilities on targeted technologies
  • W ork in fast-paced startup like environment with shifting priorities to handle and maintain balance with multiple stakeholders.
  • Conduct research to assess and create software patches and configuration changes to be applied to varied software, middleware and hardware
  • Provide assessment including security, system, and business impact of vulnerabilities
  • Must be able to think ahead to avoid business outages based on the lab results
  • Analyze vulnerability data and support management of identified vulnerabilities, including tracking, remediation, and reporting

Requirements

  • Excellent understanding of network, system and application security
  • Experience with IDA Pro, Ghidra , or similar binary analysis tool
  • Knowledge of various vulnerability scanning solutions is a plus
  • Excellent written and verbal communication
  • Graduate with preferable 4 years degree or at least 3-year degree with computer science and information technology background
  • S ecure architecture designs and use of detection/protection mechanisms (e.g., firewalls, IDS/IPS, full-packet capture technologies) to mitigate risk
  • A solid understanding of industry best practices for Patch Management
  • Specific demonstrated experience mapping business processes and comparing those processes to industry best practices
  • Background around using or understanding of security tools would be plus
  • Solid understanding of the security implications of a patch on web applications, Windows, Linux, Mac OS operating systems
  • Thorough testing of patches in a non-production environment
  • Have working knowledge of basic operation systems commands and tooling - Windows, Linux, Mac OS
  • Should have very good communication and articulation skills
  • Ability and ready to learn new technology and should be a good team player
  • What you get to do :
  • Work within Threat Research, detection and response teams and analysts to define the priority, design the solution, and contribute to build framework for patching vulnerabilitie s

Additional Information

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at qualys? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect
Senior Security Research Engineer at Qualys