Assist in analyzing and documenting compliance controls across platforms including Windows, Linux, macOS, and network devices.
Support the development of technical standards and compliance policies based on frameworks such as CIS, DISA STIG, NIST, PCI-DSS, ISO, and HIPAA.
Help map controls to industry frameworks (e.g., MITRE, NIST) and document control categories, criticality ratings, and remediation steps.
Linux Systems & Hardening
Analyze, interpret, and implement Linux security hardening and compliance configuration requirements across enterprise server environments.
Work with Linux systems across enterprise distributions including RHEL, Ubuntu, CentOS, and Debian.
Configure and manage disk partitioning, filesystems, mount options, and LVM layouts for secure system deployments.
Configure and maintain SELinux in enforcing mode, including policy configuration, contexts, and validation of confined services.
Harden Linux systems by configuring kernel parameters, disabling unnecessary kernel modules, and applying secure sysctl settings.
Configure and manage auditd services, audit rules, log retention policies, and audit log analysis to support security monitoring, traceability, and compliance reporting.
Implement secure authentication and access control mechanisms including SSH hardening, PAM configuration, sudo policies, password controls, account restrictions, and cron/at access management.
Work with critical Linux configuration files including /etc/passwd, /etc/shadow, sudoers, SSH configuration, PAM modules, fstab, systemd services, and audit configurations.
Write and maintain Bash/shell scripts to automate compliance checks, remediation activities, configuration validation, and reporting tasks.
Research security hardening updates, understand control intent and rationale, and document implementation approaches, exceptions, and remediation procedures for Linux systems.
Automation & AI-Assisted Tooling
Write and maintain automation scripts using Python, Shell scripting, and PowerShell to support compliance workflows.
Explore and apply LLM APIs (e.g., OpenAI, Anthropic Claude) to assist with research, content generation, and task automation.
Support the development of AI-assisted tools and basic agent workflows under guidance from senior team members.
Learn and apply prompt engineering techniques to interact effectively with AI models for compliance use cases.
Contribute to automation libraries and reusable script templates for compliance checks and remediation.
Content Development & Collaboration
Develop and maintain compliance scripts using PowerShell, Python, and shell scripting.
Update and improve existing content as benchmarks, policies, and customer requirements evolve.
Work with cross-functional teams (Development, QA, Infrastructure) to deliver quality output on time.
Support customers by helping identify and address compliance gaps with practical, well-documented solutions.
Required Technical Skills
Linux
2+ years of hands-on experience including: At least one RHEL-based distribution (RHEL / CentOS / Rocky / Alma)
At least one Debian-based distribution (Ubuntu / Debian)
Working knowledge of disk partitioning, filesystems, and mount management
Basic to intermediate understanding of SELinux modes and contexts (good to have)
Familiarity with kernel parameter tuning via sysctl
Experience with Linux auditing (auditd, audit rules, ausearch, aureport)
Exposure to Linux system hardening guidelines (CIS Benchmarks or DISA STIG)
Ability to read, write, and troubleshoot Bash/shell scripts
Comfort working with system files: /etc/passwd, sudoers, SSH config, PAM, cron, syslog
Automation & Scripting (Required)
Python scripting (preferred for automation) Basic to intermediate proficiency
Ability to independently write functional automation scripts
Used in place of shell where more effective
PowerShell scripting for Windows-based or cross-platform tasks
Experience using AI-assisted development ("vibe coding") tools such as GitHub Copilot, ChatGPT, Claude, Cursor, or similar tools to accelerate scripting, troubleshooting, research, and automation workflows
Familiarity with or curiosity about LLM APIs (OpenAI, Anthropic Claude, or similar) and prom
Additional Information
Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
We are looking for a motivated and detail-oriented Compliance Research Analyst with 2-3 years of experience to join our organization. The ideal candidate has foundational to intermediate hands-on knowledge of Linux systems, scripting, and security frameworks, along with a growing interest in automation and AI-powered tooling. This role involves research, analysis, and scripting to support the development and maintenance of compliance policies, technical standards, and target configuration as per CIS/DISA benchmarks. We value curiosity, a willingness to learn, and a strong work ethic over perfection.
Qualys · Pune, India